19 matches found
EUVD-2026-22706
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
CVE-2026-34631 InCopy | Out-of-bounds Write (CWE-787)
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34631
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write (CWE-787) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected product/version details are provided in bot...
CVE-2026-27287 InCopy | Out-of-bounds Read (CWE-125)
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
EUVD-2026-22440
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires...
EUVD-2026-22436
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
EUVD-2026-22438
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...
CVE-2026-34627
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27283
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-34628 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27284
CVE-2026-27284 affects InDesign Desktop versions 20.5.2, 21.2 and earlier. It is an out-of-bounds read vulnerability (CWE-125) that occurs when parsing a crafted file, potentially causing code execution in the context of the current user. Exploitation requires user interaction (the victim must op...
CVE-2026-27286
CVE-2026-27286 affects Adobe InDesign Desktop versions 20.5.2, 21.2 and earlier. The issue is a heap-based buffer overflow that could lead to memory exposure. Exploitation requires that a user opens a malicious file, indicating a user interaction prerequisite. Affected component is the InDesign D...
CVE-2026-27283
CVE-2026-27283 : InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use-After-Free (CWE-416) vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. Affected produc...
CVE-2026-27283 InDesign Desktop | Use After Free (CWE-416)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27238 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27291 InDesign Desktop | Out-of-bounds Write (CWE-787)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-27291 InDesign Desktop | Out-of-bounds Write (CWE-787)
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2026-32701
Name of the Vulnerable Software and Affected Versions Adobe InDesign versions prior to 20.5.3 Adobe InDesign versions prior to 21.3 Description A heap-based buffer overflow occurs in the dynamic memory of the application. This issue can be triggered when a user opens a malicious file, potentially...
PT-2026-32702
Name of the Vulnerable Software and Affected Versions InDesign Desktop versions prior to 20.5.3 and 21.3 Description A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold. This issue allows an attacker to disclose sensitive informati...