Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
AnalysisAI
Use After Free memory disclosure in Adobe Acrobat Reader versions 24.001.30365 and 26.001.21651 (and earlier) exposes sensitive process memory contents when a victim opens a specially crafted malicious file. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms the attack is local, requires no privileges, but mandates user interaction - the victim must manually open the attacker-supplied document. Impact is limited to confidentiality (C:H), with no integrity or availability consequence. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.
Technical ContextAI
CWE-416 (Use After Free) describes a class of memory safety vulnerability where a program continues to reference a memory region after it has been freed back to the allocator. In document rendering engines like Acrobat Reader, this typically occurs during complex object lifecycle operations - such as parsing nested PDF structures, JavaScript execution within documents, or form/annotation handling - where an object is freed while a dangling pointer retains a reference. When that freed memory is subsequently reallocated and accessed, it may contain residual data from other allocations, enabling an attacker to leak sensitive memory contents (e.g., heap addresses, credentials, cryptographic material). The affected product is confirmed via CPE cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*, covering the Adobe Acrobat Reader application across platforms. The tag set (Use After Free, Memory Corruption) is consistent with this root cause classification. Note: the 'Denial Of Service' tag in the source intelligence is inconsistent with the CVSS vector which shows A:N (no availability impact) - this tag may reflect a secondary or theoretical consequence not scored by Adobe.
RemediationAI
Update Adobe Acrobat Reader to a version above 24.001.30365 (for the 24.x continuous track) or above 26.001.21651 (for the 26.x track) as directed by Adobe security advisory APSB26-63 at https://helpx.adobe.com/security/products/acrobat/apsb26-63.html. The exact patched release versions should be confirmed directly against the advisory, as the input data identifies the last vulnerable versions but does not enumerate the specific fixed-version numbers independently. As a compensating control where immediate patching is not feasible, configure email and web gateways to sandbox or quarantine PDF attachments from untrusted senders before delivery, reducing the likelihood that a malicious file reaches an end user. Disabling JavaScript execution within Acrobat Reader (Edit > Preferences > JavaScript > uncheck 'Enable Acrobat JavaScript') may reduce the attack surface for UAF triggers that rely on scripted object manipulation, though this may break legitimate PDF functionality. Enforcing Protected Mode (sandboxing) in Acrobat Reader settings limits the impact of memory disclosure by restricting what process memory is accessible within the sandbox boundary.
More in Acrobat Reader
View allBuffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attacke
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass inten
Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows
Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke
Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke
Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and M
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.
Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack
Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X a
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitra
Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X a
Same weakness CWE-416 – Use After Free
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35818
GHSA-hgv3-64hr-3fx9