CVE-2026-34622 - Vulnerability Analysis
HighCVSS: 8.6Last Updated: April 14, 2026
Acrobat Reader - Remote Code Execution
Published: April 14, 2026Updated: April 14, 2026
Overview
Acrobat Reader <= 26.001.21411, 24.001.30360, 24.001.30362 contains a prototype pollution vulnerability caused by improperly controlled modification of object prototype attributes, letting attackers execute arbitrary code in the context of the current user, exploit requires victim to open a malicious file.
Severity & Score
Severity: High
CVSS Score: 8.6
Impact
Attackers can execute arbitrary code as the current user, potentially compromising the user's system.
Mitigation
Update to the latest version of Acrobat Reader.
Related Resources
Details
- CVE ID
- CVE-2026-34622
- Severity
- High
- CVSS Score
- 8.6
- Type
- prototype_pollution
- Status
- new
CWE
- CWE-1321
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H