Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates for a critical Acrobat Reader flaw CVE-2026-34621 (CVSS 8.6) actively exploited via malicious PDF documents.
What’s new: Adobe has released emergency updates to address a critical security flaw in Acrobat Reader, identified as CVE-2026-34621, which is actively being exploited. The vulnerability has a CVSS score of 8.6 and allows attackers to execute malicious code through specially crafted PDF documents.
Who’s affected
The following products and versions are impacted on both Windows and macOS:
- Acrobat DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
- Acrobat Reader DC versions 26.001.21367 and earlier (Fixed in 26.001.21411)
- Acrobat 2024 versions 24.001.30356 and earlier (Fixed in 24.001.30362 for Windows and 24.001.30360 for macOS)
What to do
- Update to the latest versions of Acrobat DC and Acrobat Reader DC (26.001.21411) and Acrobat 2024 (24.001.30362 for Windows and 24.001.30360 for macOS) immediately to mitigate the risk.
