CVE-2026-34704

MEDIUM NVD

CVSS Score 5.5

Severity MEDIUM

Published Jun 09, 2026

Vendor unknown

Description

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References

https://helpx.adobe.com/security/products/indesign/apsb26-58.html