Adobe Framemaker versions 2022.8 and earlier: Sensitive Files May Be Accessed

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.3

Adobe Framemaker versions 2022.8 and earlier: Sensitive Files May Be Accessed

CVE-2026-27299

Summary

If you use Adobe Framemaker 2022.8 or earlier, a malicious file could be used to access sensitive files on your system. This happens if you open the malicious file. We recommend updating to the latest version of Framemaker to fix this issue.

Original title

Original description

Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to access sensitive files or data on the system. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

nvd CVSS3.1 6.3

Vulnerability type

CWE-20 Improper Input Validation

https://helpx.adobe.com/security/products/framemaker/apsb26-36.html

Published: 14 Apr 2026 · Updated: 16 Apr 2026 · First seen: 15 Apr 2026