Adobe Framemaker may crash or run malicious code when opening a file

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Adobe Framemaker may crash or run malicious code when opening a file

CVE-2026-27294

Summary

Adobe Framemaker versions 2022.8 and earlier are vulnerable to a bug that can be exploited by opening a specially crafted file. This could cause the program to crash or allow an attacker to run unauthorized code on the victim's computer. Update to the latest version of Framemaker to fix this issue.

Original title

Original description

Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

nvd CVSS3.1 7.8

Vulnerability type

CWE-125 Out-of-bounds Read

https://helpx.adobe.com/security/products/framemaker/apsb26-36.html

Published: 14 Apr 2026 · Updated: 15 Apr 2026 · First seen: 15 Apr 2026