Latest Cyber Security News

You are here: Home / General Cyber Security News / Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
April 12, 2026

Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild.

The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 9.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations.

It has been described as a case of prototype pollution that could result in arbitrary code execution. Prototype pollution refers to a JavaScript security vulnerability that permits an attacker to manipulate an application’sobjects and properties.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Cybersecurity

The issue impacts the following products and versions for both Windows and macOS –

  • Acrobat DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
  • Acrobat Reader DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
  • Acrobat 2024 versions 24.001.30356 and earlier (Fixed in 24.001.30362 for Windows and 24.001.30360 for macOS)

Adobe acknowledged that it’s “aware of CVE-2026-34621 being exploited in the wild.”

The development comes days after security researcher and EXPMON founder Haifei Li disclosed details of zero-day exploitation of the flaw to run malicious JavaScript code when opening specially crafted PDF documents through Adobe Reader. There is evidence suggesting that the vulnerability may have been under exploitation since December 2025.

“It appears that Adobe has determined the bug can lead to arbitrary code execution — not just an information leak,” EXPMON said in a post on X. “This aligns with our findings and those of other security researchers over the last few days.”

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *