Exposures › CVE-2026-34621
Adobe Acrobat and Reader are actively exploited for arbitrary code execution via prototype pollution.
This prototype pollution vulnerability enables remote code execution in Adobe Acrobat and Reader, which are widely deployed in defense environments. DIB organizations must immediately patch and audit their Acrobat installations to prevent ransomware or espionage entry points.
Shame score — Active exploitation of a high-severity RCE vulnerability in a ubiquitous DIB tool indicates a critical security gap.
Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.
| Product | Provider | Status | Match |
|---|---|---|---|
| Adobe Acrobat Sign for Government | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Analytics | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Campaign | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Connect Managed Services (ACMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Creative Cloud for Enterprise | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Document Cloud (PDF Services & Adobe Sign) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Experience Manager Managed Services (AEMMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Learning Manager | Adobe | Authorized | vendor-exact · 0.90 |