Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes...

8.6 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Description

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AI Analysis

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Acrobat Reader, allowing arbitrary code execution in the context of the current user.

Basic Information

ID CVE-2026-34621

Source adobe

Published Apr 11, 2026 at 06:45

Modified Apr 12, 2026 at 04:20

Affected Product

Vendor Adobe

Product Acrobat Reader

Affected Versions Adobe Acrobat Reader 0

CWE Classification

CWE-1321

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Adobe

Product Acrobat Reader

Version 24.001.30356, 26.001.21367 and earlier

References

helpx.adobe.com /security/products/acrobat/apsb26-43.html

{
    "lastseen": "",
    "description": "Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
    "published": "2026-04-11T06:45:43.512Z",
    "modified": "2026-04-12T04:20:33.694Z",
    "type": "cve",
    "title": "Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)",
    "source": "adobe",
    "references": "https://helpx.adobe.com/security/products/acrobat/apsb26-43.html",
    "id": "CVE-2026-34621",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1321"
    ],
    "cvelist": null,
    "sourceData": "Adobe Acrobat Reader 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Acrobat Reader",
    "version": "0",
    "vendor": "Adobe",
    "ai_description": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Acrobat Reader, allowing arbitrary code execution in the context of the current user.",
    "ai_severity": "High",
    "ai_vendor": "Adobe",
    "ai_product": "Acrobat Reader",
    "ai_version": "24.001.30356, 26.001.21367 and earlier",
    "ai_score": 8.6
}

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) (CWE-1321)_CVE-2026-34621