CVE-2026-34629 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34627 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34627 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-34627

CVE-2026-34627 affects InDesign Desktop versions 20.5.2, 21.2 and earlier. It is a heap-based buffer overflow that could lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). CVSS v3.1: 7.8 ( HIGH ) with LOCAL attac...

CVE-2026-27284 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...

CVE-2026-27284 InDesign Desktop | Out-of-bounds Read (CWE-125)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...

CVE-2026-27284

CVE-2026-27284 affects InDesign Desktop versions 20.5.2, 21.2 and earlier. It is an out-of-bounds read vulnerability (CWE-125) that occurs when parsing a crafted file, potentially causing code execution in the context of the current user. Exploitation requires user interaction (the victim must op...

CVE-2026-27286 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction ...

CVE-2026-27285 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires...

CVE-2026-27286 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction ...

CVE-2026-27285

CVE-2026-27285 affects InDesign Desktop (versions 20.5.2, 21.2 and earlier). The issue is a heap-based buffer overflow (CWE-122) in InDesign Desktop, which could lead to a denial-of-service. Exploitation requires user interaction: a victim must open a malicious file. The available documents provi...

CVE-2026-27286

CVE-2026-27286 affects Adobe InDesign Desktop versions 20.5.2, 21.2 and earlier. The issue is a heap-based buffer overflow that could lead to memory exposure. Exploitation requires that a user opens a malicious file, indicating a user interaction prerequisite. Affected component is the InDesign D...

CVE-2026-27283 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27283

CVE-2026-27283 : InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use-After-Free (CWE-416) vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected produc...

CVE-2026-27283 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27238 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27238 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27238

CVE-2026-27238 affects Adobe InDesign Desktop, specifically versions 20.5.2, 21.2 and earlier. It is a Heap-based Buffer Overflow (CWE-122) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Th...

CVE-2026-27291 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-27291

CVE-2026-27291 affects Adobe InDesign Desktop. Affected versions: 20.5.2, 21.2 and earlier. The issue is an out-of-bounds write (CWE-787) that could permit arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the victim opening a malici...