CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22676

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal...

9.3CVSS6.4AI score0.00026EPSS

Exploits0References3

EUVD•added 2026/04/14 6:30 p.m.•4 views

EUVD-2026-22335

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...

8.6CVSS6.3AI score0.00256EPSS

Exploits1References2

NVD•added 2026/04/14 6:17 p.m.•1 views

CVE-2026-5752

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal...

9.3CVSS0.00026EPSS

Exploits0References3

NVD•added 2026/04/14 6:17 p.m.•1 views

CVE-2026-34615

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

9.3CVSS0.04511EPSS

CVE•added 2026/04/14 5:53 p.m.•4 views

CVE-2026-5752

CVE-2026-5752 affects the Terrarium sandbox (Python-based, Pyodide/WebAssembly) used inside a container. The root cause is JavaScript prototype chain traversal that lets sandboxed code reach host environment, enabling arbitrary code execution as root within the container and potential access to s...

9.3CVSS6.4AI score0.00026EPSS

Exploits0References3

Cvelist•added 2026/04/14 5:33 p.m.•24 views

CVE-2026-27303 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must visit a maliciously craft...

9.6CVSS0.047EPSS

ATTACKERKB•added 2026/04/14 5:33 p.m.•3 views

CVE-2026-34615

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

10CVSS6.3AI score0.04511EPSS

Cvelist•added 2026/04/14 5:33 p.m.•25 views

CVE-2026-34615 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentiall...

9.3CVSS0.04511EPSS

CVE•added 2026/04/14 5:33 p.m.•4 views

CVE-2026-34615

Adobe Connect (versions 2025.3, 12.10 and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation does not require user interaction. Root cause: deserialization of untrusted data. Affec...

9.3CVSS6.3AI score0.04511EPSS

Exploits0References1Affected Software1

NVD•added 2026/04/14 5:16 p.m.•2 views

CVE-2026-34622

8.6CVSS0.00256EPSS

Exploits1References1

ATTACKERKB•added 2026/04/14 5:5 p.m.•1 views

CVE-2026-34629

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cvelist•added 2026/04/14 5:5 p.m.•21 views

CVE-2026-34629 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00029EPSS

Vulnrichment•added 2026/04/14 5:5 p.m.•0 views

CVE-2026-34629 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

CVE•added 2026/04/14 5:5 p.m.•7 views

CVE-2026-34629

CVE-2026-34629 affects Adobe InDesign Desktop up to version 21.2 (and 20.5.2 and earlier). It describes a heap-based buffer overflow in the application that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a mali...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/04/14 5:5 p.m.•1 views

CVE-2026-34627

Cvelist•added 2026/04/14 4:45 p.m.•27 views

CVE-2026-27283 InDesign Desktop | Use After Free (CWE-416)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00039EPSS

Cvelist•added 2026/04/14 4:45 p.m.•23 views

CVE-2026-27238 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00029EPSS

Cvelist•added 2026/04/14 4:45 p.m.•22 views

CVE-2026-27291 InDesign Desktop | Out-of-bounds Write (CWE-787)

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00037EPSS