NULL Pointer Dereference Vulnerability in InDesign by Adobe
CVE-2026-34703
5.5MEDIUM
What is CVE-2026-34703?
A NULL Pointer Dereference vulnerability exists in InDesign Desktop software, specifically in versions 21.3, 20.5.3, and earlier. An attacker can exploit this flaw by tricking users into opening a specially crafted malicious file, leading to a crash of the application and subsequently causing a denial-of-service condition. It is crucial for users to ensure they do not interact with suspicious files to mitigate the risk associated with this vulnerability.
Affected Version(s)
InDesign Desktop 0 <= 20.5.3