SB2026060958 - Multiple vulnerabilities in Adobe InDesign
Published: June 9, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 12 vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2026-34702)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to stack-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
2) Use-after-free (CVE-ID: CVE-2026-34696)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to use-after-free in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
3) Stack-based buffer overflow (CVE-ID: CVE-2026-34697)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to stack-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
4) Heap-based buffer overflow (CVE-ID: CVE-2026-34698)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to heap-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
5) Heap-based buffer overflow (CVE-ID: CVE-2026-34699)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to heap-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
6) Out-of-bounds write (CVE-ID: CVE-2026-34700)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to out-of-bounds write in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
7) Heap-based buffer overflow (CVE-ID: CVE-2026-34701)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to heap-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to cause a denial of service.
User interaction is required to open crafted content.
8) Stack-based buffer overflow (CVE-ID: CVE-2026-34695)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to stack-based buffer overflow in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
9) Out-of-bounds write (CVE-ID: CVE-2026-48293)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to out-of-bounds write in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to execute arbitrary code.
User interaction is required to open crafted content.
10) NULL pointer dereference (CVE-ID: CVE-2026-34703)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to null pointer dereference in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to cause a denial of service.
User interaction is required to open crafted content.
11) NULL pointer dereference (CVE-ID: CVE-2026-34704)
CWE-ID: CWE-476 - NULL Pointer Dereference
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to null pointer dereference in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to cause a denial of service.
User interaction is required to open crafted content.
12) Out-of-bounds read (CVE-ID: CVE-2026-34705)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to out-of-bounds read in Adobe InDesign when parsing input. A remote attacker can trick the victim into opening crafted content to disclose sensitive information.
User interaction is required to open crafted content.
Remediation
Install update from vendor's website.