Skip to main content

Adobe Acrobat Reader EUVDEUVD-2026-35818

| CVE-2026-47924 MEDIUM
Use After Free (CWE-416)
2026-06-09 adobe GHSA-hgv3-64hr-3fx9
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jun 09, 2026 - 20:56 vuln.today

DescriptionNVD

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Use After Free memory disclosure in Adobe Acrobat Reader versions 24.001.30365 and 26.001.21651 (and earlier) exposes sensitive process memory contents when a victim opens a specially crafted malicious file. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms the attack is local, requires no privileges, but mandates user interaction - the victim must manually open the attacker-supplied document. Impact is limited to confidentiality (C:H), with no integrity or availability consequence. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Technical ContextAI

CWE-416 (Use After Free) describes a class of memory safety vulnerability where a program continues to reference a memory region after it has been freed back to the allocator. In document rendering engines like Acrobat Reader, this typically occurs during complex object lifecycle operations - such as parsing nested PDF structures, JavaScript execution within documents, or form/annotation handling - where an object is freed while a dangling pointer retains a reference. When that freed memory is subsequently reallocated and accessed, it may contain residual data from other allocations, enabling an attacker to leak sensitive memory contents (e.g., heap addresses, credentials, cryptographic material). The affected product is confirmed via CPE cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*, covering the Adobe Acrobat Reader application across platforms. The tag set (Use After Free, Memory Corruption) is consistent with this root cause classification. Note: the 'Denial Of Service' tag in the source intelligence is inconsistent with the CVSS vector which shows A:N (no availability impact) - this tag may reflect a secondary or theoretical consequence not scored by Adobe.

RemediationAI

Update Adobe Acrobat Reader to a version above 24.001.30365 (for the 24.x continuous track) or above 26.001.21651 (for the 26.x track) as directed by Adobe security advisory APSB26-63 at https://helpx.adobe.com/security/products/acrobat/apsb26-63.html. The exact patched release versions should be confirmed directly against the advisory, as the input data identifies the last vulnerable versions but does not enumerate the specific fixed-version numbers independently. As a compensating control where immediate patching is not feasible, configure email and web gateways to sandbox or quarantine PDF attachments from untrusted senders before delivery, reducing the likelihood that a malicious file reaches an end user. Disabling JavaScript execution within Acrobat Reader (Edit > Preferences > JavaScript > uncheck 'Enable Acrobat JavaScript') may reduce the attack surface for UAF triggers that rely on scripted object manipulation, though this may break legitimate PDF functionality. Enforcing Protected Mode (sandboxing) in Acrobat Reader settings limits the impact of memory disclosure by restricting what process memory is accessible within the sandbox boundary.

CVE-2013-2730 CRITICAL POC
10.0 May 16

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attacke

CVE-2015-3073 CRITICAL POC
10.0 May 13

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass inten

CVE-2014-9160 CRITICAL
10.0 May 13

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows

CVE-2013-3356 CRITICAL
10.0 Sep 12

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke

CVE-2013-3353 CRITICAL
10.0 Sep 12

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke

CVE-2013-3351 CRITICAL
10.0 Sep 12

Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and M

CVE-2015-7622 CRITICAL POC
10.0 Oct 14

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.

CVE-2013-3358 CRITICAL
10.0 Sep 12

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack

CVE-2013-3357 CRITICAL
10.0 Sep 12

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack

CVE-2014-0561 CRITICAL
10.0 Sep 17

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X a

CVE-2012-0774 CRITICAL
10.0 Apr 10

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitra

CVE-2012-1525 CRITICAL
10.0 Aug 15

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X a

Share

EUVD-2026-35818 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy