CVE-2026-27221
Improper Certificate Validation in Acrobat Reader Enables Spoofing
Publication date: 2026-03-10
Last updated on: 2026-03-11
Assigner: Adobe Systems Incorporated
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| adobe | acrobat_dc | to 25.001.21288 (exc) |
| adobe | acrobat_reader_dc | to 25.001.21288 (exc) |
| adobe | acrobat | From 24.001.20604 (inc) to 24.001.30356 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to spoof the identity of a signer in a document.
Such spoofing could lead to trusting forged or malicious documents, potentially causing misinformation or unauthorized actions based on the false identity.
However, exploitation requires user interaction, so the risk depends on user behavior.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
Can you explain this vulnerability to me?
This vulnerability affects certain versions of Acrobat Reader (24.001.30307, 24.001.30308, 25.001.21265 and earlier) and is caused by improper certificate validation.
Because of this flaw, an attacker could bypass security features by spoofing the identity of a signer.
Exploitation requires user interaction, meaning the user must take some action for the attack to succeed.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know