Adobe Releases Emergency Security Update for Acrobat Reader to Patch Zero-Day Vulnerability

Adobe released an emergency security update for Adobe Acrobat Reader to patch a zero-day vulnerability (CVE-2026-34621) actively exploited in the wild since November 2025. The flaw is a critical prototype pollution vulnerability in JavaScript, allowing attackers to modify or add JavaScript objects and properties within the application. CVE-2026-34621 enables arbitrary code execution in the context of the current user but cannot be triggered remotely. The vulnerability was disclosed as part of an urgent patching effort following confirmed exploitation. No additional attack vectors or affected versions beyond Acrobat Reader were specified.