VYPR
Unrated severityNVD Advisory· Published Mar 11, 2025· Updated Feb 26, 2026

InDesign Desktop | Heap-based Buffer Overflow (CWE-122)

CVE-2025-27177

Description

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected products

2
  • Adobe Inc./Indesignllm-fuzzy2 versions
    <= ID19.5.2, ID20.1+ 1 more
    • (no CPE)range: <= ID19.5.2, ID20.1
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.