Prototype Pollution Vulnerability in Adobe Acrobat Reader Software
CVE-2026-34622

8.6HIGH

Key Information:

Vendor: Adobe
Status: Acrobat Reader
Vendor: CVE Published:; 14 April 2026

What is CVE-2026-34622?

Adobe Acrobat Reader is susceptible to a prototype pollution vulnerability that enables attackers to execute arbitrary code through the manipulation of object prototype attributes. This issue affects versions up to 26.001.21411 and specific earlier versions of 24.x. An attacker must convince a user to open a specially crafted file, leading to exploitation in the context of the user’s session, which could compromise system integrity.

Affected Version(s)

Acrobat Reader 0 <= 26.001.21411

References

https://helpx.adobe.com/security/products/acrobat/apsb26-...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2026
Vulnerability Reserved
Mar 30, 2026

CVE-2026-34622 Data

JSON