May "In the Trend of VM" (#27): high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader

May "In the Trend of VM" 27: high-profile vulnerabilities in Linux, ActiveMQ, SharePoint, and Adobe Acrobat Reader. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. While the previous April edition featured only one vulnerability, this one...

Patch Tuesday, April 2026 Edition

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its...

About Remote Code Execution - Adobe Reader (CVE-2026-34621) vulnerability

About Remote Code Execution - Adobe Reader CVE-2026-34621 vulnerability. Adobe Acrobat Reader from 2003 to 2015, "Adobe Reader" is a free PDF viewer developed by Adobe. Versions are available for Windows, macOS, Android, and iOS. The remote code execution vulnerability in Adobe Acrobat for Window...

Adobe Reader < 26.001.21431 Multiple Vulnerabilities (APSB26-44)

The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21431. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Obje...

Adobe Reader < 26.001.21431 Multiple Vulnerabilities (APSB26-44) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 26.001.21431. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object...

Simply opening a PDF could trigger this Adobe Reader zero-day

Opening the wrong PDF in Adobe Reader was enough to let criminals quietly spy on your computer and unleash more attacks, even though everything looked normal. A researcher analyzed a malicious PDF and found that it abused a previously unknown flaw a “zero‑day” in Adobe Acrobat Reader. When a vict...

VulnCheck KEV: CVE-2020-9715

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...

Adobe Reader < 26.001.21411 Vulnerability (APSB26-43)

The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21411. It is, therefore, affected by a vulnerability. - Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes...

APSB26-43 : Security update available for Adobe Acrobat Reader

Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution...

Adobe Reader < 26.001.21411 Vulnerability (APSB26-43) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 26.001.21411. It is, therefore, affected by a vulnerability. - Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes...

Adobe Reader Zero-Day Exploited to Steal Data via Malicious PDFs

An Adobe Reader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available...

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact "Invoice540.pdf"...

PT-2026-32051

Уязвимость прикладного программного интерфейса util.readFileIntoStream программы просмотра и редактирования PDF-файлов Adobe Reader связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный JavaScript-к...

CVE-2026-34621

creationtimestamp| type| source ---|---|--- 2026-04-07 04:00:00+00:00| published-proof-of-concept| https://justhaifei1.blogspot.com/2026/04/expmon-detected-sophisticated-zero-day-adobe-reader.html 2026-04-11 04:00:00+00:00| exploited| https://helpx.adobe.com/security/products/acrobat/apsb26-43.ht...

Adobe Reader < 25.001.21288 Multiple Vulnerabilities (APSB26-26)

The version of Adobe Reader installed on the remote Windows host is a version prior to 25.001.21288. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could...

MiracleLinux 4 : nspluginwrapper-1.4.4-1.AXS4 (AXSA:2012-1033:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-1033:01 advisory. nspluginwrapper makes it possible to use Netscape 4 compatible plugins compiled for x8664 into Mozilla for another architecture, e.g. x8664. This package...

CVE-2019-7020

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-7024

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2019-7047

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVE-2019-7081

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...