High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2026-27238
High
Low
Medium
High
Critical
7.8
CVSS Score
Vulnerability Description
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
L
Attack Complexity
L
Privileges Required
N
User Interaction
R
Scope
U
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
73 configuration(s) from 1 vendor(s)
indesign
Version:
18.5.4
CPE:
cpe:2.3:a:adobe:indesign:18.5.4:*:*:*:*:*:*:*
indesign
Version:
9.3.0
CPE:
cpe:2.3:a:adobe:indesign:9.3.0:*:*:*:*:*:*:*
indesign
Version:
19.5.1
CPE:
cpe:2.3:a:adobe:indesign:19.5.1:*:*:*:*:*:*:*
indesign
Version:
7.5.3
CPE:
cpe:2.3:a:adobe:indesign:7.5.3:*:*:*:*:*:*:*
indesign
Version:
21.1
CPE:
cpe:2.3:a:adobe:indesign:21.1:*:*:*:*:*:*:*
indesign
Version:
16.4.1
CPE:
cpe:2.3:a:adobe:indesign:16.4.1:*:*:*:*:*:*:*
indesign
Version:
8.0.2
CPE:
cpe:2.3:a:adobe:indesign:8.0.2:*:*:*:*:*:*:*
indesign
Version:
20.5
CPE:
cpe:2.3:a:adobe:indesign:20.5:*:*:*:*:*:*:*
indesign
Version:
8.1.0
CPE:
cpe:2.3:a:adobe:indesign:8.1.0:*:*:*:*:*:*:*
indesign
Version:
15.1.1
CPE:
cpe:2.3:a:adobe:indesign:15.1.1:*:*:*:*:*:*:*
indesign
Version:
11.3.0
CPE:
cpe:2.3:a:adobe:indesign:11.3.0:*:*:*:*:*:*:*
indesign
Version:
19.5.4
CPE:
cpe:2.3:a:adobe:indesign:19.5.4:*:*:*:*:*:*:*
indesign
Version:
12.0
CPE:
cpe:2.3:a:adobe:indesign:12.0:*:*:*:*:*:*:*
indesign
Version:
9.2.0
CPE:
cpe:2.3:a:adobe:indesign:9.2.0:*:*:*:*:*:*:*
indesign
Version:
11.4.0
CPE:
cpe:2.3:a:adobe:indesign:11.4.0:*:*:*:*:*:*:*
indesign
Version:
6.0
CPE:
cpe:2.3:a:adobe:indesign:6.0:*:*:*:*:*:*:*
indesign
Version:
19.0
CPE:
cpe:2.3:a:adobe:indesign:19.0:*:*:*:*:*:*:*
indesign
Version:
20.0.2
CPE:
cpe:2.3:a:adobe:indesign:20.0.2:*:*:*:*:*:*:*
indesign
Version:
20.0.1
CPE:
cpe:2.3:a:adobe:indesign:20.0.1:*:*:*:*:*:*:*
indesign
Version:
16.3
CPE:
cpe:2.3:a:adobe:indesign:16.3:*:*:*:*:*:*:*
indesign
Version:
17.4.1
CPE:
cpe:2.3:a:adobe:indesign:17.4.1:*:*:*:*:*:*:*
indesign
Version:
11.4.1
CPE:
cpe:2.3:a:adobe:indesign:11.4.1:*:*:*:*:*:*:*
indesign
Version:
18.5.1
CPE:
cpe:2.3:a:adobe:indesign:18.5.1:*:*:*:*:*:*:*
indesign
Version:
12.1
CPE:
cpe:2.3:a:adobe:indesign:12.1:*:*:*:*:*:*:*
indesign
Version:
16.0
CPE:
cpe:2.3:a:adobe:indesign:16.0:*:*:*:*:*:*:*
indesign
Version:
19.5.3
CPE:
cpe:2.3:a:adobe:indesign:19.5.3:*:*:*:*:*:*:*
indesign
Version:
20.1
CPE:
cpe:2.3:a:adobe:indesign:20.1:*:*:*:*:*:*:*
indesign
Version:
7.0.2
CPE:
cpe:2.3:a:adobe:indesign:7.0.2:*:*:*:*:*:*:*
indesign
Version:
19.5
CPE:
cpe:2.3:a:adobe:indesign:19.5:*:*:*:*:*:*:*
indesign
Version:
18.5.3
CPE:
cpe:2.3:a:adobe:indesign:18.5.3:*:*:*:*:*:*:*
indesign
Version:
9.2.1
CPE:
cpe:2.3:a:adobe:indesign:9.2.1:*:*:*:*:*:*:*
indesign
Version:
7.5.2
CPE:
cpe:2.3:a:adobe:indesign:7.5.2:*:*:*:*:*:*:*
indesign
Version:
14.0.1
CPE:
cpe:2.3:a:adobe:indesign:14.0.1:*:*:*:*:*:*:*
indesign
Version:
15.1.2
CPE:
cpe:2.3:a:adobe:indesign:15.1.2:*:*:*:*:*:*:*
indesign
Version:
16.3.2
CPE:
cpe:2.3:a:adobe:indesign:16.3.2:*:*:*:*:*:*:*
indesign
Version:
5.0.1
CPE:
cpe:2.3:a:adobe:indesign:5.0.1:*:*:*:*:*:*:*
indesign
Version:
20.2
CPE:
cpe:2.3:a:adobe:indesign:20.2:*:*:*:*:*:*:*
indesign
Version:
18.5
CPE:
cpe:2.3:a:adobe:indesign:18.5:*:*:*:*:*:*:*
indesign
Version:
7.0.3
CPE:
cpe:2.3:a:adobe:indesign:7.0.3:*:*:*:*:*:*:*
indesign
Version:
21.0
CPE:
cpe:2.3:a:adobe:indesign:21.0:*:*:*:*:*:*:*
indesign
Version:
19.5.5
CPE:
cpe:2.3:a:adobe:indesign:19.5.5:*:*:*:*:*:*:*
indesign
Version:
18.3
CPE:
cpe:2.3:a:adobe:indesign:18.3:*:*:*:*:*:*:*
indesign
Version:
7.5.1
CPE:
cpe:2.3:a:adobe:indesign:7.5.1:*:*:*:*:*:*:*
indesign
Version:
9.1.0
CPE:
cpe:2.3:a:adobe:indesign:9.1.0:*:*:*:*:*:*:*
indesign
Version:
11.0.1
CPE:
cpe:2.3:a:adobe:indesign:11.0.1:*:*:*:*:*:*:*
indesign
Version:
11.1.0
CPE:
cpe:2.3:a:adobe:indesign:11.1.0:*:*:*:*:*:*:*
indesign
Version:
9.2.2
CPE:
cpe:2.3:a:adobe:indesign:9.2.2:*:*:*:*:*:*:*
indesign
Version:
11.2.0
CPE:
cpe:2.3:a:adobe:indesign:11.2.0:*:*:*:*:*:*:*
indesign
Version:
17.4.2
CPE:
cpe:2.3:a:adobe:indesign:17.4.2:*:*:*:*:*:*:*
indesign
Version:
20.0
CPE:
cpe:2.3:a:adobe:indesign:20.0:*:*:*:*:*:*:*
indesign
Version:
17.2.1
CPE:
cpe:2.3:a:adobe:indesign:17.2.1:*:*:*:*:*:*:*
indesign
Version:
19.4
CPE:
cpe:2.3:a:adobe:indesign:19.4:*:*:*:*:*:*:*
indesign
Version:
13.0
CPE:
cpe:2.3:a:adobe:indesign:13.0:*:*:*:*:*:*:*
indesign
Version:
18.1
CPE:
cpe:2.3:a:adobe:indesign:18.1:*:*:*:*:*:*:*
indesign
Version:
3.0.1
CPE:
cpe:2.3:a:adobe:indesign:3.0.1:*:*:*:*:*:*:*
indesign
Version:
20.3
CPE:
cpe:2.3:a:adobe:indesign:20.3:*:*:*:*:*:*:*
indesign
Version:
16.4
CPE:
cpe:2.3:a:adobe:indesign:16.4:*:*:*:*:*:*:*
indesign
Version:
21.0.1
CPE:
cpe:2.3:a:adobe:indesign:21.0.1:*:*:*:*:*:*:*
indesign
Version:
18.0
CPE:
cpe:2.3:a:adobe:indesign:18.0:*:*:*:*:*:*:*
indesign
Version:
5.0
CPE:
cpe:2.3:a:adobe:indesign:5.0:*:*:*:*:*:*:*
indesign
Version:
13.0.1
CPE:
cpe:2.3:a:adobe:indesign:13.0.1:*:*:*:*:*:*:*
indesign
Version:
3.0
CPE:
cpe:2.3:a:adobe:indesign:3.0:*:*:*:*:*:*:*
indesign
Version:
20.4
CPE:
cpe:2.3:a:adobe:indesign:20.4:*:*:*:*:*:*:*
indesign
Version:
19.3
CPE:
cpe:2.3:a:adobe:indesign:19.3:*:*:*:*:*:*:*
indesign
Version:
19.5.2
CPE:
cpe:2.3:a:adobe:indesign:19.5.2:*:*:*:*:*:*:*
indesign
Version:
4.0.0
CPE:
cpe:2.3:a:adobe:indesign:4.0.0:*:*:*:*:*:*:*
indesign
Version:
20.5.1
CPE:
cpe:2.3:a:adobe:indesign:20.5.1:*:*:*:*:*:*:*
indesign
Version:
18.5.2
CPE:
cpe:2.3:a:adobe:indesign:18.5.2:*:*:*:*:*:*:*
indesign
Version:
5.0.2
CPE:
cpe:2.3:a:adobe:indesign:5.0.2:*:*:*:*:*:*:*
indesign
Version:
13.1
CPE:
cpe:2.3:a:adobe:indesign:13.1:*:*:*:*:*:*:*
indesign
Version:
7.0.4
CPE:
cpe:2.3:a:adobe:indesign:7.0.4:*:*:*:*:*:*:*
indesign
Version:
17.0
CPE:
cpe:2.3:a:adobe:indesign:17.0:*:*:*:*:*:*:*
indesign
Version:
8.0.1
CPE:
cpe:2.3:a:adobe:indesign:8.0.1:*:*:*:*:*:*:*
This vulnerability affects 73 software configuration(s). Ensure you patch all affected systems.
Severity Details
7.8
out of 10.0
High
Weakness Type (CWE)
CWE-122
Heap-based Buffer Overflow
- Description
- A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- Exploit Likelihood
- High
- Typical Severity
- High
- Abstraction Level
- Variant
Key Information
- Published Date
- April 14, 2026
