Out-of-Bounds Read Vulnerability in InDesign Desktop by Adobe
CVE-2026-34705

5.5MEDIUM

Key Information:

Vendor

Adobe

Vendor
CVE Published:
9 June 2026

What is CVE-2026-34705?

Adobe InDesign Desktop versions up to 21.3 and earlier are susceptible to an out-of-bounds read vulnerability. This flaw could allow an attacker to disclose sensitive information stored in memory. Successful exploitation of this vulnerability requires user interaction, as it necessitates that the victim opens a specially crafted malicious file. Users are advised to apply updates and take caution when handling unknown files to mitigate potential risks.

Affected Version(s)

InDesign Desktop 0 <= 20.5.3

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.