CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/04/14 7:44 p.m.•0 views

CVE-2026-27313 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE•added 2026/04/14 7:44 p.m.•13 views

CVE-2026-27313

CVE-2026-27313 affects Adobe Bridge; a Heap-based Buffer Overflow could allow arbitrary code execution in the context of the current user. Affected versions: Bridge 16.0.2, 15.1.4 and earlier. Exploitation requires user interaction (victim must open a malicious file). The issue is linked to CVE-2...

Vulnrichment•added 2026/04/14 7:24 p.m.•4 views

CVE-2026-34618 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00037EPSS

EUVD•added 2026/04/14 6:30 p.m.•1 views

EUVD-2026-22671

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS6.3AI score0.04511EPSS

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22676

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal...

9.3CVSS6.4AI score0.00026EPSS

Exploits0References3

EUVD•added 2026/04/14 6:30 p.m.•4 views

EUVD-2026-22335

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...

8.6CVSS6.3AI score0.00256EPSS

Exploits1References2

NVD•added 2026/04/14 6:17 p.m.•2 views

CVE-2026-5752

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal...

9.3CVSS0.00026EPSS

Exploits0References3

NVD•added 2026/04/14 6:17 p.m.•1 views

CVE-2026-34615

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

9.3CVSS0.04511EPSS

CVE•added 2026/04/14 5:53 p.m.•4 views

CVE-2026-5752

CVE-2026-5752 affects the Terrarium sandbox (Python-based, Pyodide/WebAssembly) used inside a container. The root cause is JavaScript prototype chain traversal that lets sandboxed code reach host environment, enabling arbitrary code execution as root within the container and potential access to s...

9.3CVSS6.4AI score0.00026EPSS

Exploits0References3

Cvelist•added 2026/04/14 5:33 p.m.•24 views

CVE-2026-27303 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must visit a maliciously craft...

9.6CVSS0.047EPSS

ATTACKERKB•added 2026/04/14 5:33 p.m.•3 views

CVE-2026-34615

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

10CVSS6.3AI score0.04511EPSS

Cvelist•added 2026/04/14 5:33 p.m.•25 views

CVE-2026-34615 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

9.3CVSS0.04511EPSS

CVE•added 2026/04/14 5:33 p.m.•8 views

CVE-2026-34615

Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...

9.3CVSS6.3AI score0.04511EPSS

NVD•added 2026/04/14 5:16 p.m.•2 views

CVE-2026-34622

8.6CVSS0.00256EPSS

Exploits1References1

ATTACKERKB•added 2026/04/14 5:5 p.m.•1 views

CVE-2026-34629

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Vulnrichment•added 2026/04/14 5:5 p.m.•1 views

CVE-2026-34629 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

Cvelist•added 2026/04/14 5:5 p.m.•22 views

CVE-2026-34629 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00029EPSS

CVE•added 2026/04/14 5:5 p.m.•8 views

CVE-2026-34629

CVE-2026-34629 affects Adobe InDesign Desktop up to version 21.2 (and 20.5.2 and earlier). It describes a heap-based buffer overflow in the application that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a mali...

ATTACKERKB•added 2026/04/14 5:5 p.m.•1 views

CVE-2026-34627