Cyber Posture

CVE-2026-27294

High

Published: 14 April 2026

Modified: 15 April 2026
KEV Added
Patch
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (7.7th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-27294 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Adobe FrameMaker. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The vulnerability ranks at the 7.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious File (T1204.002). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

Flaw remediation requires timely patching of the out-of-bounds read vulnerability in Adobe FrameMaker as addressed in Adobe's APSB26-36 bulletin, eliminating the root cause.

prevent

Memory protection mechanisms like ASLR, DEP, and stack canaries directly prevent exploitation of out-of-bounds read vulnerabilities leading to arbitrary code execution.

prevent, detect

Malicious code protection via endpoint detection tools can identify and block crafted files or exploit behaviors targeting this Adobe FrameMaker vulnerability.

MITRE ATT&CK Enterprise Techniques

T1204.002 Malicious File (Execution)
An adversary may rely upon a user opening a malicious file in order to gain execution.

Why these techniques?

An out-of-bounds read in the FrameMaker file parser enables RCE when a victim opens a crafted malicious file (AV:L/UI:R), which maps directly to User Execution via Malicious File.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Deeper analysis

CVE-2026-27294, published on 2026-04-14, is an out-of-bounds read vulnerability (CWE-125) affecting Adobe FrameMaker versions 2022.8 and earlier. The issue arises when parsing a crafted file, which can cause a read past the end of an allocated memory structure.

The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Exploitation requires local access and user interaction, as a victim must open a malicious file. An attacker who tricks a user into doing so can achieve arbitrary code execution in the context of the current user.

Adobe's security bulletin APSB26-36 addresses this vulnerability and is available at https://helpx.adobe.com/security/products/framemaker/apsb26-36.html.

Details

CWE(s)

Affected Products

adobe framemaker ≤ 2022.9

CVEs Like This One

CVE-2026-27295 (Same product: Adobe Framemaker)
CVE-2026-27296 (Same product: Adobe Framemaker)
CVE-2026-27297 (Same product: Adobe Framemaker)
CVE-2026-27298 (Same product: Adobe Framemaker)
CVE-2026-27293 (Same product: Adobe Framemaker)
CVE-2026-27292 (Same product: Adobe Framemaker)
CVE-2026-27290 (Same product: Adobe Framemaker)
CVE-2026-21322 (Same product: Microsoft Windows)
CVE-2026-21345 (Same product: Microsoft Windows)
CVE-2026-27284 (Same product: Microsoft Windows)
