Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes...

6.3 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Description

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Basic Information

ID CVE-2026-34626

Source adobe

Published Apr 14, 2026 at 16:18

Modified Apr 14, 2026 at 17:53

Affected Product

Vendor Adobe

Product Acrobat Reader

Affected Versions Adobe Acrobat Reader 0

CWE Classification

CWE-1321

References

helpx.adobe.com /security/products/acrobat/apsb26-44.html

{
    "lastseen": "",
    "description": "Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
    "published": "2026-04-14T16:18:04.679Z",
    "modified": "2026-04-14T17:53:05.039Z",
    "type": "cve",
    "title": "Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)",
    "source": "adobe",
    "references": "https://helpx.adobe.com/security/products/acrobat/apsb26-44.html",
    "id": "CVE-2026-34626",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1321"
    ],
    "cvelist": null,
    "sourceData": "Adobe Acrobat Reader 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Acrobat Reader",
    "version": "0",
    "vendor": "Adobe",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) (CWE-1321)_CVE-2026-34626