PT-2026-32767 · Adobe · Connect
Jann Horn
·
Published
2026-04-14
·
Updated
2026-04-28
·
CVE-2026-27303
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe Connect versions 2025.3 and 12.10 and earlier
Description
An issue involving Deserialization of Untrusted Data allows for arbitrary code execution in the context of the current user. This flaw can be exploited without requiring any user interaction and results in a change of scope.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Connect