CVE-2026-34628

Name of the Vulnerable Software and Affected Versions InDesign Desktop versions 20.5.2 and 21.2 and earlier

Description A Heap-based Buffer Overflow (a condition where a program writes more data to a heap-allocated memory block than it can hold) could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction, specifically the opening of a malicious file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.