Adobe has put out urgent updates to fix a serious security problem in Acrobat Reader that is being actively used for attacks.
The flaw known as CVE-2026-34621 has a CVSS score of 8.6 out of 10. If an attacker takes advantage of this issue, they can run harmful code on the affected systems.
By infosecbulletin
/ Tuesday , July 14 2026
Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
By infosecbulletin
/ Sunday , July 12 2026
Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
By infosecbulletin
/ Sunday , July 12 2026
Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
By infosecbulletin
/ Sunday , July 12 2026
A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
By infosecbulletin
/ Saturday , July 11 2026
CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
By infosecbulletin
/ Friday , July 10 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
By infosecbulletin
/ Friday , July 10 2026
A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
By infosecbulletin
/ Thursday , July 9 2026
A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
By infosecbulletin
/ Wednesday , July 8 2026
A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
It has been described as a case of prototype pollution that could result in arbitrary code execution. Prototype pollution refers to a JavaScript security vulnerability that permits an attacker to manipulate an application’s objects and properties.
The issue impacts the following products and versions for both Windows and macOS:
Acrobat DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
Acrobat Reader DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
Acrobat 2024 versions 24.001.30356 and earlier (Fixed in 24.001.30362 for Windows and 24.001.30360 for macOS)
Adobe acknowledged that it’s “aware of CVE-2026-34621 being exploited in the wild.”
The news arrives shortly after security expert Haifei Li, who started EXPMON, shared information about a serious flaw. This flaw lets bad actors run harmful JavaScript code when opening special PDF files in Adobe Reader. Some proof shows that this problem might have been used for attacks since December 2025.
“It appears that Adobe has determined the bug can lead to arbitrary code execution — not just an information leak,” EXPMON said in a post on X. “This aligns with our findings and those of other security researchers over the last few days.”