Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-47911EXPLOITEDPATCHED

adobe · acrobat

Acrobat Reader | Out-of-bounds Write (CWE-787)

Description

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Products

Vendor	Product	Versions
adobe	acrobat	0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
adobe	acrobat reader	cert_advisory	90%
adobe	acrobat	cert_advisory	90%
adobe	acrobat_reader	cve_cpe	95%
apple	macos	cve_cpe	95%
microsoft	windows	cve_cpe	95%

References

https://helpx.adobe.com/security/products/acrobat/apsb26-63.html(vendor-advisory)

Related News (3 articles)

Tier B

BSI Advisories3d ago

[NEU] [mittel] Adobe Acrobat und Adobe Acrobat Reader: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-47911 | Adobe Acrobat Reader up to 24.001.30365/26.001.21651 File out-of-bounds write (apsb26-63)

→ No new info (linked only)

Tier B

CERT-FR3d ago

Multiples vulnérabilités dans les produits Adobe (10 juin 2026)

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://helpx.adobe.com/security/products/acrobat/apsb26-63.html

CWECWE-787

PublishedJun 9, 2026

Last enriched3d agov2

Tags

CVE-2026-47911

Trending Score41

Source articles3

Independent3

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-47965EXP

Acrobat Reader | Out-of-bounds Write (CWE-787)

HIGHCVE-2026-47955EXP

Acrobat Reader | Use After Free (CWE-416)

HIGHCVE-2026-47930EXP

ColdFusion | Improper Input Validation (CWE-20)

HIGHCVE-2026-47959EXP

Acrobat Reader | Stack-based Buffer Overflow (CWE-121)

HIGHCVE-2026-47932EXP

ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 9, 2026

Discovered by ZDM

Jun 9, 2026

Updated: severity, activelyExploited, tags

Jun 10, 2026

Actively Exploited

Jun 10, 2026

Patch Available

Jun 10, 2026

Version History

v2

Last enriched 3d ago

v2Tier C3d ago

Updated severity to CRITICAL, marked as actively exploited, and added CVE-2026-47911 as a new tag.

severityactivelyExploitedtags

via VulDB

v13d ago

Initial creation