CVE-2026-34615

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

CVSS v3 9.3 CRITICAL

9.3^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.8 / Impact : 5.8

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://helpx.adobe.com/security/products/connect/apsb26-37.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:adobe:connect:*:*:*:*:*:-:*:*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:adobe:connect_desktop_application::::::macos::*
	cpe:2.3:a:adobe:connect_desktop_application::::::windows::*

History

22 Apr 2026, 19:36

Type	Values Removed	Values Added
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:adobe:connect::::::-::* cpe:2.3:a:adobe:connect_desktop_application::::::windows::* cpe:2.3:a:adobe:connect_desktop_application::::::macos::* cpe:2.3:o:apple:macos:-:::::::*
References	~~() https://helpx.adobe.com/security/products/connect/apsb26-37.html -~~	() https://helpx.adobe.com/security/products/connect/apsb26-37.html - Vendor Advisory
First Time		Adobe connect Adobe Microsoft windows Adobe connect Desktop Application Microsoft Apple macos Apple

14 Apr 2026, 18:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-04-14 18:17

Updated : 2026-04-22 19:36

NVD link : CVE-2026-34615

Mitre link : CVE-2026-34615

CVE.ORG link : CVE-2026-34615

JSON object : View

Products Affected

adobe

connect_desktop_application
connect

microsoft

windows

apple

macos

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2026-34615", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@adobe.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 3.9}]}, "published": "2026-04-14T18:17:36.373", "references": [{"url": "https://helpx.adobe.com/security/products/connect/apsb26-37.html", "tags": ["Vendor Advisory"], "source": "psirt@adobe.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@adobe.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed."}], "lastModified": "2026-04-22T19:36:40.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:connect:*:*:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "4A1D88E9-612C-49B1-8521-F2258D4D74CA", "versionEndExcluding": "12.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:connect_desktop_application:*:*:*:*:*:macos:*:*", "vulnerable": true, "matchCriteriaId": "185BF6E9-82FC-45E0-A64E-03FB923F34AD", "versionEndIncluding": "2025.3"}, {"criteria": "cpe:2.3:a:adobe:connect_desktop_application:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "783AAAA9-E68B-43E3-86A3-5227E27392A5", "versionEndExcluding": "2025.9.15"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@adobe.com"}