Main Vulnerability Database Vulnerabilities #VU126064

#VU126064 Prototype pollution in Adobe Acrobat and Adobe Reader - CVE-2026-34626

Published: April 14, 2026

Vulnerability identifier: #VU126064

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2026-34626

CWE-ID: CWE-1321

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Acrobat
Adobe Reader

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can trick the victim into opening a specially crafted PDF file and execute arbitrary code on the system.

Note, the vulnerability may allow an attacker to compromise the affected system.

Remediation

Install updates from vendor's website.

External links

https://helpx.adobe.com/security/products/acrobat/apsb26-44.html

#VU126064 Prototype pollution in Adobe Acrobat and Adobe Reader - CVE-2026-34626

Description

Remediation

External links

Please verify you're human