CVE-2026-34621 - Vulnerability Analysis
CriticalCVSS: 9.6Last Updated: April 11, 2026
Acrobat Reader - Remote Code Execution
Published: April 11, 2026Updated: April 11, 2026Remote Exploitable
Overview
Acrobat Reader <= 24.001.30356, 26.001.21367 contains a prototype pollution vulnerability caused by improperly controlled modification of object prototype attributes, letting attackers execute arbitrary code in the context of the current user, exploit requires victim to open a malicious file.
Severity & Score
Severity: Critical
CVSS Score: 9.6
Impact
Attackers can execute arbitrary code as the current user, potentially compromising the user's system.
Mitigation
Update to the latest version beyond 26.001.21367.
Related Resources
Details
- CVE ID
- CVE-2026-34621
- Severity
- Critical
- CVSS Score
- 9.6
- Type
- prototype_pollution
- Status
- new
CWE
- CWE-1321
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H