Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

The Hacker News by The Hacker News
April 12, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security

Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild.

The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations.

It has been described as a case of prototype pollution that could result in arbitrary code execution. Prototype pollution refers to a JavaScript security vulnerability that permits an attacker to manipulate an application’sobjects and properties.

The issue impacts the following products and versions for both Windows and macOS –

  • Acrobat DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
  • Acrobat Reader DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
  • Acrobat 2024 versions 24.001.30356 and earlier (Fixed in 24.001.30362 for Windows and 24.001.30360 for macOS)

Adobe acknowledged that it’s “aware of CVE-2026-34621 being exploited in the wild.”

The development comes days after security researcher and EXPMON founder Haifei Li disclosed details of zero-day exploitation of the flaw to run malicious JavaScript code when opening specially crafted PDF documents through Adobe Reader. There is evidence suggesting that the vulnerability may have been under exploitation since December 2025.

“It appears that Adobe has determined the bug can lead to arbitrary code execution — not just an information leak,” EXPMON said in a post on X. “This aligns with our findings and those of other security researchers over the last few days.”

(The story was updated after publication to reflect the change in CVSS score from 9.6 to 8.6. In a revision to its advisory on April 12, 2026, Adobe said it adjusted the attack vector from Network (AV:N) to Local (AV:L).)



Source link

The Hacker News

The Hacker News

Next Post
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Recommended.

Google DeepMind Hires New AI Chief Strategy Leader, Who Plans ‘To Develop AGI Safely To Empower Humans’

Google DeepMind Hires New AI Chief Strategy Leader, Who Plans ‘To Develop AGI Safely To Empower Humans’

March 19, 2026
Agthia Delivers Strong Q1 2026, with Net Profit Growth of 12.5%

Agthia Delivers Strong Q1 2026, with Net Profit Growth of 12.5%

May 12, 2026

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Anaconda Extends AI-Native Application Development With Acquisition

Anaconda Extends AI-Native Application Development With Acquisition

May 1, 2026
AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

January 30, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

April 21, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio