Critical Adobe Acrobat Reader Flaws Allow Code Execution

On April 14, 2026, Adobe released a critical security bulletin addressing multiple vulnerabilities in Adobe Acrobat and Reader for Windows and macOS.

According to the official advisory, successful exploitation of these flaws could allow attackers to execute arbitrary code or read arbitrary files on a targeted system.

While these threats carry high severity ratings, Adobe confirmed that they are not currently aware of any active exploits in the wild.

Arbitrary code execution is particularly dangerous in document readers, as threat actors frequently use phishing emails to trick victims into opening weaponized files.

Once a malicious PDF is opened, an attacker could silently install malware, steal sensitive data, or establish a foothold within a corporate network.

Adobe Acrobat Reader Vulnerabilities

The latest security patch addresses two specific vulnerabilities. Both are categorized as Improperly Controlled Modification of Object Prototype Attributes, commonly known as Prototype Pollution (CWE-1321).

This type of flaw occurs when a script manipulates standard object behavior, allowing attackers to bypass security controls.

The security bulletin highlights the following technical details:

• CVE-2026-34622: A critical vulnerability with a high CVSS base score of 8.6, allowing arbitrary code execution in the context of the current user, was reported by a security researcher known as YH from Zscaler.
• CVE-2026-34626: Rated as important with a CVSS base score of 6.3, this flaw could result in arbitrary file system reads and expose sensitive local data, discovered by researcher greenapple.

These security flaws affect multiple tracks of Adobe’s PDF software on both Windows and macOS.

Users running outdated software are at risk of potential compromise if they interact with a maliciously crafted document.

The affected products include:

• Acrobat DC and Acrobat Reader DC (Continuous Track) versions 26.001.21411 and earlier for both Windows and macOS.
• Acrobat 2024 (Classic Track) version 24.001.30362 and earlier for Windows.
• Acrobat 2024 (Classic Track) version 24.001.30360 and earlier for macOS.

Mitigations

Adobe rated these updates as Priority 2, meaning no active exploits are known, but patches should be applied promptly to prevent future attacks.

Adobe strongly recommends updating software installations to the newly patched versions: 26.001.21431 for the Continuous Track and 24.001.30365 for the Classic 2024 Track.

Users and IT administrators can secure their environments using the following methods:

• Open the Adobe application and manually trigger the patch by navigating to Help and selecting Check for Updates.
• Rely on automatic updates if enabled, which will patch the software in the background without requiring manual user intervention.
• Download the latest full installer directly from the official Adobe Acrobat Reader Download Center.
• Deploy updates across managed enterprise environments using standard administrative tools such as SCCM for Windows or Apple Remote Desktop for macOS.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.