Adobe Format Plugins: EUVD-2026-35834 | CVE-2026-48292

Severity: HIGH, 7.8 (CVSS 3.1 · NVD)
Weakness: Heap-based Buffer Overflow (CWE-122)
2026-06-09 · psirt@adobe.com · GHSA-53q2-mqcg-jhm2

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

1. Analysis Generated: Jun 09, 2026 - 21:35 · vuln.today

Description (NVD)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Analysis (AI)

A heap-based buffer overflow in Adobe Format Plugins 1.1.2 and earlier allows arbitrary code execution in the current user's security context when a victim opens a maliciously crafted file. The flaw was reported by Adobe PSIRT and carries a CVSS score of 7.8 (High). No public exploit was identified at the time of analysis and the vulnerability is not listed in CISA KEV, suggesting it is currently a patching priority rather than an active incident.

Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

Access: Craft malicious file targeting Format Plugin parser
Delivery: Deliver via phishing or web download
Exploit: Victim opens file in Adobe application
Execution: Parser triggers heap-based buffer overflow
Persist: Hijacked control flow executes shellcode
Impact: Attacker operates in user security context

Vulnerability Assessment (AI)

Exploitation: Exploitation requires the victim to open an attacker-supplied malicious file with an Adobe application that loads the vulnerable Format Plugins (version 1.1.2 or earlier). Per CVSS UI:R the user-interaction requirement is non-optional, and per AV:L the malicious file must be processed locally rather than being triggered over a network protocol. …

Risk Assessment: The CVSS vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H makes this a classic client-side file-parsing bug: the attack vector is Local with required User Interaction, meaning the victim must be tricked into opening a malicious file, but successful exploitation yields full confidentiality, integrity, and availability impact in the user's context. …

Exploit Scenario: An attacker emails or hosts a malicious file in a format handled by Adobe Format Plugins and lures a target (for example, a designer or media professional) into opening it. When the plugin parses the crafted structure, it overflows a heap buffer and the attacker's shellcode runs with the user's privileges, enabling credential theft, lateral movement, or ransomware staging. No public exploit was identified at the time of analysis, but heap-overflow primitives in document parsers have a long history of being weaponized once details surface.

Remediation: Apply the fixed Format Plugins release referenced in Adobe Security Bulletin APSB26-65 (https://helpx.adobe.com/security/products/formatplugins/apsb26-65.html). The exact fixed version number is not enumerated in the input data, so administrators should pull the version listed in that bulletin rather than rely on an inferred build. …

Recommended Action (AI)

24 hours: Inventory all systems running Adobe Format Plugins 1.1.2 or earlier; disable the plugin if business operations permit, or restrict file handling to trusted sources only. …