High severity7.8NVD Advisory· Published Apr 14, 2026· Updated Apr 16, 2026
CVE-2026-27283
CVE-2026-27283
Description
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected products
2cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*range: <20.5.3
- (no CPE)range: <=21.2
Patches
Vulnerability mechanics
References
1- helpx.adobe.com/security/products/indesign/apsb26-32.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.