CVE-2026-27303
Published: 14 April 2026
Summary
CVE-2026-27303 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Adobe Connect Desktop Application. Its CVSS base score is 9.6 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 10.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the deserialization of untrusted data vulnerability by applying vendor patches for affected Adobe Connect versions.
Validates untrusted input from malicious URLs or web pages before deserialization, preventing arbitrary code execution.
Implements memory protections such as DEP and ASLR to mitigate arbitrary code execution even if deserialization partially succeeds.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE-2026-27303 is a deserialization vulnerability in the public-facing Adobe Connect web application enabling remote arbitrary code execution with no privileges required, directly mapping to T1190: Exploit Public-Facing Application.
NVD Description
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a…
more
victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.
Deeper analysisAI
CVE-2026-27303 is a Deserialization of Untrusted Data vulnerability (CWE-502) affecting Adobe Connect versions 2025.3, 12.10, and earlier. It enables arbitrary code execution in the context of the current user. The vulnerability has a CVSS v3.1 base score of 9.6 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H), indicating critical severity with network accessibility, low attack complexity, no required privileges, user interaction, and changed scope.
Remote attackers can exploit this vulnerability by tricking victims into visiting a maliciously crafted URL or interacting with a compromised web page. Successful exploitation allows attackers to execute arbitrary code with the privileges of the current user, potentially leading to full system compromise on the victim's machine.
The official Adobe Security Bulletin APSB26-37 at https://helpx.adobe.com/security/products/connect/apsb26-37.html provides details on mitigation, including available patches for affected versions. Security practitioners should apply these updates promptly and advise users to avoid suspicious links.
Details
- CWE(s)