CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Actively exploited prototype pollution flaw in Adobe Acrobat Reader patched as CVE-2026-34621

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A critical prototype pollution vulnerability in Adobe Acrobat Reader, tracked as CVE-2026-34621, has been patched following active in-the-wild exploitation. The flaw permits arbitrary code execution via malicious PDF documents containing crafted JavaScript, enabling attackers to compromise vulnerable systems. Exploitation has been observed since at least December 2025, with reports indicating abuse of the bug in targeted attacks. Adobe released emergency updates on April 12, 2026, after researchers publicly disclosed exploitation details and technical impact.

Timeline

  1. 12.04.2026 07:25 1 articles · 4h ago

    Emergency patch issued for CVE-2026-34621 following active exploitation

    Adobe released emergency updates on April 12, 2026, addressing CVE-2026-34621 in Acrobat Reader and Acrobat DC/2024, after researchers reported active in-the-wild exploitation dating to December 2025. The patched versions mitigate prototype pollution leading to arbitrary code execution via malicious PDFs containing crafted JavaScript.

    Show sources
    Open in new tab

Information Snippets