Adobe patches Acrobat/Reader zero-day exploited through PDFs

TL;DR Summary
Adobe has issued an emergency security update for Acrobat and Reader to fix CVE-2026-34621, a zero-day that allowed malicious PDFs to bypass sandboxing and run privileged JavaScript, enabling arbitrary file reading and data exfiltration. The flaw was observed in the wild and linked to Russian-language oil-and-gas documents. Affected products include Acrobat DC, Acrobat Reader DC, and Acrobat 2024. Adobe downgraded the severity from 9.6 to 8.6 after changing the attack vector to local. Users should update via Help > Check for Updates or the official installer, exercise caution with PDFs from unknown sources, and consider sandboxing suspicious files.
- Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw (BleepingComputer)
- Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 (The Hacker News)
- Adobe fixes PDF zero-day security bug that hackers have exploited for months (TechCrunch)
- Adobe Reader zero-day vulnerability in active exploitation (Sophos)
- Adobe finally patches PDF pest after months of abuse (theregister.com)