CVE-2026-34621
Adobe Acrobat and Reader Prototype Pollution Vulnerability - [Actively Exploited]
Description
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
INFO
- Published Date: April 11, 2026, 7:16 a.m.
- Last Modified: April 13, 2026, 9:23 p.m.
- Remotely Exploitable: Yes
- Source: [email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Unknown
https://helpx.adobe.com/security/products/acrobat/apsb26-43.html ; https://nvd.nist.gov/vuln/detail/CVE-2026-34621
Affected Products
The following products are affected by the CVE-2026-34621 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 3.1 | CRITICAL | | | | 078d4453-3bcd-4900-85e6-15281da43538 |
| | CVSS 3.1 | CRITICAL | | | | [email protected] |
| | CVSS 3.1 | HIGH | | | | [email protected] |
Solution
- Update Adobe Acrobat Reader to the latest version.
- Ensure all users update their Reader software.
- Educate users about the risk of opening malicious files.
Public PoC/Exploit Available at Github
CVE-2026-34621 has 9 public PoCs/exploits available on GitHub.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-34621.
| URL | Resource |
|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb26-43.html | Vendor Advisory |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34621 | US Government Resource |
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-34621 is associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-34621 weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proof-of-concepts that have been published on GitHub (sorted by most recently updated).
- Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321). Language: Python.
- (no description)
- A sophisticated, cross-platform exploit generator for **CVE-2026-34621** – a critical prototype pollution vulnerability in Adobe Acrobat and Reader that leads to sandbox escape and arbitrary code execution on Windows and macOS. Language: Python.
- (no description) Language: JavaScript.
- (no description) Language: PowerShell.
- Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user.
- (no description)
- Threat Hunting based on KQL
- 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware. Topics: security, cve, exploit, poc, vulnerability.
The following news articles mention the CVE-2026-34621 vulnerability.
- Help Net Security
  Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits
  Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Bringing governance and visibility to machine and AI identities In this Help Net Security interview, A ...
- TheCyberThrone
  Microsoft Defender Under Siege
  Overview: Three zero-day exploits targeting Microsoft Defender — BlueHammer, RedSun, and UnDefend — have been confirmed exploited in the wild by threat actors. All three were publicly released on GitHub ...
- TheCyberThrone
  Fortinet FortiSandbox — Critical Vulnerability Advisory
  April 16, 2026: Fortinet published a sweeping security advisory on April 14, 2026, disclosing multiple vulnerabilities across its FortiSandbox platform. Two of the flaws are rated Critical with unauthen ...
- The Hacker News
  April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
  A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnera ...
- The Cyber Express
  Ivanti Neurons ITSM Vulnerabilities Could Allow Session Persistence
  A newly disclosed set of ITSM vulnerabilities in Ivanti Neurons has been reported. The flaws could allow attackers to retain access to enterprise systems under certain conditions. The issues, tracked ...
- The Cyber Express
  Microsoft Fixes 167 Vulnerabilities in Latest Patch Tuesday Update
  Microsoft’s Patch Tuesday April 2026 release has introduced one of the most extensive security update rollouts of the year, addressing a total of 167 vulnerabilities across Windows operating systems a ...
- TheCyberThrone
  Microsoft Patch Tuesday — April 2026
  TheCyberThrone | Vulnerability Advisory | April 15, 2026. Volume & Scale — A Near-Record Release. Microsoft patched 163 CVEs in the April 2026 Patch Tuesday release — the second largest Patch Tuesday on r ...
- Daily CyberSecurity
  CISA Adds 7 Fresh Exploits to KEV Catalog
  The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding seven high-risk flaws that are currently being weaponized by maliciou ...
- security.nl
  NCSC expects large-scale abuse of critical Adobe Acrobat flaw
  The National Cyber Security Centre (NCSC) expects large-scale abuse of a critical vulnerability in Adobe Acrobat in the short term, now that proof-of-concept exploit code has appeared on the internet. ...
- The Cyber Express
  Hackers Exploit Kali Forms Vulnerability to Take Over WordPress Sites
  A recently disclosed Kali Forms vulnerability affecting a widely used WordPress plugin has escalated into an active security threat, enabling unauthenticated attackers to achieve Remote Code Execution ...
- TheCyberThrone
  CISA Adds Seven Vulnerabilities to KEV Catalog — April 13, 2026
  CISA has expanded the Known Exploited Vulnerabilities catalog with seven new entries on April 13, 2026, based on evidence of active exploitation. The batch spans three vendors — Microsoft, Adobe, and ...
- The Register
  Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
  Crooks are exploiting four Microsoft vulnerabilities - one patched 14 years ago and another tied to ransomware activity - according to America's lead cyber-defense agency, which on Monday gave federal ...
- Help Net Security
  Hackers hijacked CPUID downloads, served STX RAT to victims
  If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically ...
- The Hacker News
  ⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
  Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-s ...
- The Register
  Adobe finally patches PDF pest after months of abuse
  Adobe has released a fix for an Acrobat and Reader zero-day that attackers had been exploiting for months. The patch, shipped on April 11, addresses CVE-2026-34621, a critical vulnerability in Acrobat ...
- Help Net Security
  Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
  Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026- ...
- CybersecurityNews
  Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild
  Adobe has issued an emergency security patch to neutralize a critical zero-day vulnerability in Acrobat Reader that is currently being exploited in the wild. Tracked as CVE-2026-34621, this severe fla ...
- The Cyber Express
  Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
  Adobe has issued emergency security updates addressing a severe Acrobat Reader flaw tracked as CVE-2026-34621, a high-impact Adobe vulnerability that has already been observed being exploited in real- ...
- security.nl
  Adobe releases emergency patch for actively attacked flaw in Acrobat Reader
  Adobe has released an emergency patch for an actively attacked vulnerability in Acrobat Reader. Via the critical security flaw (CVE-2026-34621), an attacker can execute arbitrary code as ...
- Daily CyberSecurity
  The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026)
  Welcome to this week’s vulnerability digest. As we close out the first full week of April, security teams are faced with a challenging landscape of critical zero-days, active exploitations, and severe ...
The following table lists the changes that have been made to the CVE-2026-34621 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Initial Analysis by [email protected], Apr. 13, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CPE Configuration | | AND OR `*cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*` versions up to (excluding) 26.001.21411 `*cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*` versions up to (excluding) 26.001.21411 OR `cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*` `cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*` |
| Added | CPE Configuration | | AND OR `*cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*` versions from (including) 24.0.0 up to (excluding) 24.001.30362 OR `cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*` |
| Added | CPE Configuration | | AND OR `*cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*` versions from (including) 24.0.0 up to (excluding) 24.001.30360 OR `cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*` |
| Added | Reference Type | | Adobe Systems Incorporated: https://helpx.adobe.com/security/products/acrobat/apsb26-43.html Types: Vendor Advisory |
| Added | Reference Type | | CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34621 Types: US Government Resource |

- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0, Apr. 13, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34621 |

- CVE Modified by [email protected], Apr. 12, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | | AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
| Removed | CVSS V3.1 | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | |

- New CVE Received by [email protected], Apr. 11, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | | Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Added | CVSS V3.1 | | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
| Added | CWE | | CWE-1321 |
| Added | Reference | | https://helpx.adobe.com/security/products/acrobat/apsb26-43.html |