CVE security advisories and vulnerability history for Adobe Reader by adobe.
Last updated
Adobe Reader has 13 published CVE records since 2008, of which 11 are in CISA's Known Exploited Vulnerabilities catalog and 12 have a known public exploit. The average CVSS base score across scored CVEs is 8.7.
This page aggregates every publicly disclosed vulnerability (CVE) affecting Adobe Reader, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
How the CVSS severity of Adobe Reader's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
2 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
11
11 of Adobe Reader's CVEs are confirmed exploited in the wild.
Public exploits
12
12 of Adobe Reader's CVEs have a known public exploit available.
Browse every Adobe Reader version named in a CVE, then pick one to see only the CVEs that affect it.
No specific affected versions are recorded for Adobe Reader; the CVEs below apply to the product without a version pin.
13 CVEs
Added to CISA KEV 2022-05-25
Added to CISA KEV 2022-03-03
Added to CISA KEV 2022-03-03
Added to CISA KEV 2022-03-03
Added to CISA KEV 2022-03-03
Added to CISA KEV 2022-06-08
Added to CISA KEV 2022-06-08
Added to CISA KEV 2022-03-03
Added to CISA KEV 2022-06-08
The CWE weakness categories most often found in Adobe Reader CVEs. Follow any weakness for its full explanation.
How many Adobe Reader CVEs were published each year.
Browse vulnerabilities for other products by adobe.
Common questions about Adobe Reader vulnerabilities.
adobe Adobe Reader has 13 published CVE records since 2008.
Yes — 11 of adobe Adobe Reader's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
Yes — 12 of adobe Adobe Reader's CVEs have a known public exploit.
adobe Adobe Reader's CVEs most often map to these CWE weakness types: CWE-787 (Out-of-bounds Write), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-416 (Use After Free).
adobe Adobe Reader has 3 critical and 8 high-severity CVEs.
The average CVSS base score across adobe Adobe Reader's scored CVEs is 8.7.
Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.
Monitor new Adobe Reader vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.
