EUVD-2026-22652

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32)

The version of Adobe InDesign installed on the remote Windows host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

EUVD-2025-93469

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61814 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2025-46449

Name of the Vulnerable Software and Affected Versions InDesign Desktop versions 20.5, 19.5.5 and earlier Description InDesign Desktop versions 20.5, 19.5.5 and earlier are susceptible to a Heap-based Buffer Overflow. Successful exploitation of this issue could lead to arbitrary code execution wit...

EUVD-2024-43442

Malicious code in bioql PyPI...

CVE-2025-54213

InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-47136

InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-43589

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27166

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe InDesign 代码问题漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. A null pointer dereference vulnerability exists in Adobe InDesign version ID20.1, ID19.5.2 and earlier versions, which can be exploited by an attacker to cause a denial of service in the applicatio...

CVE-2023-29316

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29318

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-30661

Adobe InDesign versions 17.2.1 and earlier and 16.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2022-30658

Adobe InDesign versions 17.2.1 and earlier and 16.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVE-2020-9729

A memory corruption vulnerability exists in InDesign 15.1.1 and earlier versions. Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user...

CVE-2020-9727

A memory corruption vulnerability exists in InDesign 15.1.1 and earlier versions. Insecure handling of a malicious indd file could be abused to cause an out-of-bounds memory access, potentially resulting in code execution in the context of the current user...

CVE-2018-4927

Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation...