{"id":45333,"date":"2026-04-12T14:08:44","date_gmt":"2026-04-12T06:08:44","guid":{"rendered":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/04\/12\/adobe-patches-actively-exploited-acrobat-reader-flaw-cve-2026-34621\/"},"modified":"2026-04-12T14:08:44","modified_gmt":"2026-04-12T06:08:44","slug":"adobe-patches-actively-exploited-acrobat-reader-flaw-cve-2026-34621","status":"publish","type":"post","link":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/2026\/04\/12\/adobe-patches-actively-exploited-acrobat-reader-flaw-cve-2026-34621\/","title":{"rendered":"Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621"},"content":{"rendered":"<div style=\"clear: both;\"><a href=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhg1374h3OcQ3MPg1BngGcQC6U8eVWUh3Ye84l6WpQKxC1a8_x1Mpp0K8-0DDfJU0YtVqWoUZcNE-bJ_bsfraWWWfafJoP8pF7jDlcb8L4LqNDYWtbhoaDcSbpcmEwNjDi0hzkie5VVRmqntS8uZe4hrAd4IDcc0CO95Bsj8y1rP7LhfPsCkvQIkOtx-B7D\/s1600\/adobe-adobe.jpg\" style=\"clear: left; display: block; float: left; padding: 1em 0px; text-align: center;\"><img decoding=\"async\" border=\"0\" data-original-height=\"470\" data-original-width=\"900\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhg1374h3OcQ3MPg1BngGcQC6U8eVWUh3Ye84l6WpQKxC1a8_x1Mpp0K8-0DDfJU0YtVqWoUZcNE-bJ_bsfraWWWfafJoP8pF7jDlcb8L4LqNDYWtbhoaDcSbpcmEwNjDi0hzkie5VVRmqntS8uZe4hrAd4IDcc0CO95Bsj8y1rP7LhfPsCkvQIkOtx-B7D\/s16000\/adobe-adobe.jpg\" title=\"Acrobat Reader Flaw CVE-2026-34621\" alt=\"Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621\" \/><\/a><\/div>\n<p>Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that&nbsp;has come under active exploitation in the&nbsp;wild.<\/p>\n<p>The vulnerability, assigned the CVE identifier <strong><a href=\"https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb26-43.html\">CVE-2026-34621<\/a><\/strong>, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations.<\/p>\n<p>It&nbsp;has been&nbsp;described as a case&nbsp;of <a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/1321.html\">prototype&nbsp;pollution<\/a> that could result in arbitrary code execution. Prototype&nbsp;pollution refers&nbsp;to&nbsp;a <a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/Attacks\/Prototype_pollution\">JavaScript security vulnerability<\/a>&nbsp;that permits an attacker to manipulate&nbsp;an application&#8217;sobjects and properties.<\/p>\n<p>The issue impacts the following products and versions for both Windows and macOS&nbsp;&#8211;<\/p>\n<ul>\n<li>Acrobat DC versions 26.001.21367&nbsp;and earlier (Fixed in 26.001.21411)<\/li>\n<li>Acrobat Reader DC versions 26.001.21367&nbsp;and earlier (Fixed in 26.001.21411)<\/li>\n<li>Acrobat 2024 versions 24.001.30356&nbsp;and earlier (Fixed in 24.001.30362&nbsp;for Windows and 24.001.30360&nbsp;for macOS)<\/li>\n<\/ul>\n<p>Adobe acknowledged that it&#8217;s &#8220;aware of CVE-2026-34621 being&nbsp;exploited in the&nbsp;wild.&#8221;<\/p>\n<p>The development comes days after security researcher and EXPMON founder Haifei&nbsp;Li <a href=\"https:\/\/thehackernews.com\/2026\/04\/adobe-reader-zero-day-exploited-via.html\">disclosed<\/a> details of&nbsp;zero-day exploitation of the&nbsp;flaw to&nbsp;run malicious JavaScript code when opening specially crafted PDF&nbsp;documents through Adobe&nbsp;Reader. There is evidence suggesting that the vulnerability may have been under exploitation since December&nbsp;2025.<\/p>\n<p>&#8220;It appears that Adobe has determined the bug can lead to arbitrary code execution &#8212; not just an information leak,&#8221;&nbsp;EXPMON <a href=\"https:\/\/x.com\/EXPMON_\/status\/2042982865345135006\">said<\/a> in a post on X. &#8220;This aligns with our findings and those of other security researchers over the last few&nbsp;days.&#8221;<\/p>\n<p><em>(The story was updated after publication to reflect the change in CVSS score from 9.6&#160;to 8.6. In&#160;a revision to its advisory on April 12, 2026, Adobe said it adjusted the attack vector from Network (AV:N) to Local&#160;(AV:L).)<\/em><\/p>\n<div><\/div>\n<div>Found this article interesting?  Follow us on <a href='https:\/\/news.google.com\/publications\/CAAqLQgKIidDQklTRndnTWFoTUtFWFJvWldoaFkydGxjbTVsZDNNdVkyOXRLQUFQAQ' rel='noopener' target='_blank'>Google News<\/a>, <a href='https:\/\/twitter.com\/thehackersnews' rel='noopener' target='_blank'>Twitter<\/a> and <a href='https:\/\/www.linkedin.com\/company\/thehackernews\/' rel='noopener' target='_blank'>LinkedIn<\/a> to read more exclusive content we post.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that&nbsp;has come under active exploitation in the&nbsp;wild.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-45333","post","type-post","status-publish","format-standard","hentry","category-thehackernews"],"_links":{"self":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/45333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/comments?post=45333"}],"version-history":[{"count":0,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/posts\/45333\/revisions"}],"wp:attachment":[{"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/media?parent=45333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/categories?post=45333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nuoya.nuoyayasuo.top\/index.php\/wp-json\/wp\/v2\/tags?post=45333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}