Security Vulnerability Report
CVE-2026-34622 CVSS 8.6 HIGH

Published: 2026-04-14 17:16:51
Last Modified: 2026-04-16 14:14:56

Description

Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS Details

CVSS Score: 8.6
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:* - VULNERABLE
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* - VULNERABLE
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* - VULNERABLE
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
Acrobat Reader <= 26.001.21411
Acrobat Reader <= 24.001.30360
Acrobat Reader <= 24.001.30362

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
/**
 * Proof of Concept (PoC) for Prototype Pollution
 * Demonstrates the logic used to exploit CVE-2026-34622
 * This code simulates the vulnerable object merging process.
 */
function vulnerableMerge(target, source) {
  for (const key in source) {
    // Check if the key is a prototype property
    if (key === '__proto__') {
      // Copy the payload's properties onto the shared prototype.
      // (Assigning Object.prototype['__proto__'] directly throws a TypeError
      // because the prototype of Object.prototype is immutable.)
      Object.assign(Object.prototype, source[key]);
    } else {
      target[key] = source[key];
    }
  }
}

// Simulating the malicious payload from a crafted PDF
// JSON.parse creates "__proto__" as an own, enumerable property, so for...in visits it
const maliciousPayload = JSON.parse('{"__proto__": {"isAdmin": true}}');
const userObject = {};

// Trigger the vulnerability
vulnerableMerge(userObject, maliciousPayload);

// Verification: Check if the pollution affected all objects
console.log("Exploitation Successful:", {}.isAdmin); // Should print true

References

https://helpx.adobe.com/security/products/acrobat/apsb26-44.html - Vendor Advisory

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-34622", "sourceIdentifier": "[email protected]", "published": "2026-04-14T17:16:51.110", "lastModified": "2026-04-16T14:14:56.200", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "baseScore": 8.6, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-1321"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", "versionStartIncluding": "24.0.0", "versionEndExcluding": "24.001.30365", "matchCriteriaId": "7E334D1F-0A7E-45F0-AE1C-AE3F38647E17"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", "versionStartIncluding": "15.008.20082", "versionEndExcluding": "26.001.21431", "matchCriteriaId": "131CFDA9-0739-4C00-9B10-0F20C3979B22"}, {"vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", "versionStartIncluding": "15.008.20082", "versionEndExcluding": "26.001.21431", "matchCriteriaId": 
"EB130846-ED6A-4C3E-8984-685EEA001AAF"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/acrobat/apsb26-44.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}