Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-47955EXPLOITEDPATCHED

adobe · acrobat reader

Acrobat Reader | Use After Free (CWE-416)

Description

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Products

Vendor	Product	Versions
adobe	acrobat reader	0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
adobe	acrobat	cert_advisory	90%
adobe	acrobat reader	cert_advisory	90%

References

https://helpx.adobe.com/security/products/acrobat/apsb26-63.html(vendor-advisory)

Related News (3 articles)

Tier B

BSI Advisories3d ago

[NEU] [mittel] Adobe Acrobat und Adobe Acrobat Reader: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-47955 | Adobe Acrobat Reader up to 24.001.30365/26.001.21651 File use after free (apsb26-63)

→ No new info (linked only)

Tier B

CERT-FR3d ago

Multiples vulnérabilités dans les produits Adobe (10 juin 2026)

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://helpx.adobe.com/security/products/acrobat/apsb26-63.html

CWECWE-416

PublishedJun 9, 2026

Last enriched3d agov2

Tags

CVE-2026-47955

Trending Score41

Source articles3

Independent3

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-47965EXP

Acrobat Reader | Out-of-bounds Write (CWE-787)

HIGHCVE-2026-47911EXP

Acrobat Reader | Out-of-bounds Write (CWE-787)

HIGHCVE-2026-47930EXP

ColdFusion | Improper Input Validation (CWE-20)

HIGHCVE-2026-47959EXP

Acrobat Reader | Stack-based Buffer Overflow (CWE-121)

HIGHCVE-2026-47932EXP

ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 9, 2026

Discovered by ZDM

Jun 9, 2026

Updated: severity, activelyExploited, tags

Jun 10, 2026

Actively Exploited

Jun 10, 2026

Patch Available

Jun 10, 2026

Version History

v2

Last enriched 3d ago

v2Tier C3d ago

Updated severity to CRITICAL, marked as actively exploited, and added CVE-2026-47955 as a new tag.

severityactivelyExploitedtags

via VulDB

v13d ago

Initial creation