Adobe Acrobat Reader is vulnerable to prototype pollution, which can result in arbitrary code execution when a victim opens a malicious file.
Description
Adobe Acrobat Reader is vulnerable to prototype pollution, which can result in arbitrary code execution when a victim opens a malicious file.
AI Analyst Comment
Remediation
Update Acrobat Reader Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
CISA KEV Details
Deadline: April 26, 2026
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
---METADATA---
VENDOR: Adobe
PRODUCT: Acrobat Reader
AFFECTED_VERSIONS: 24.001.30356, 26.001.21367 and earlier
---END_METADATA---
Description Summary:
Adobe Acrobat Reader is vulnerable to prototype pollution, which can result in arbitrary code execution when a victim opens a malicious file.
Executive Summary:
A critical prototype pollution vulnerability in Adobe Acrobat Reader allows attackers to execute arbitrary code on the victim's machine through malicious file interaction.
Vulnerability Details
CVE-ID: CVE-2026-34621
Affected Software: Adobe Acrobat Reader
Affected Versions: 24.001.30356, 26.001.21367 and earlier
Vulnerability: This is a prototype pollution vulnerability that allows for the modification of object attributes. Exploitation requires user interaction, specifically the opening of a malicious file, which then triggers arbitrary code execution in the user's context.
Business Impact
With a CVSS score of 9.6, this is a critical vulnerability. An attacker can gain control over a user's workstation, potentially accessing sensitive documents, credentials, and internal network resources, leading to significant reputational and operational damage.
Remediation Plan
Immediate Action: Update Adobe Acrobat Reader to the latest patched version immediately.
Proactive Monitoring: Monitor for suspicious file access patterns or unusual application behavior following the opening of unexpected documents.
Compensating Controls: Implement endpoint protection (EDR) to detect and block malicious code execution originating from PDF reader processes.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of April 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations should mandate that all users update Acrobat Reader to the latest version to prevent potential client-side exploitation. User awareness training regarding opening unsolicited documents is also recommended.