216.73.217.86

CVE-2026-48294

· Published 17/06/2026 12:55 · Author: The MITRE Corporation

Labels: CVE-2026-48294 2026-06-17CVE-2026-48294CWE-79[email protected]

Essential information

Published
17/06/2026 12:55
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.2 HIGH (v3.1)
CISA KEV
No
CWE
CWE-79
EPSS (First)
P56.7% ?EPSS percentile: rank of this vulnerability versus all others. Higher percentile = more likely to be exploited. Learn more (score 0.00955)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

CVSS metrics

Description

Adobe Acrobat PDF Extension (Chrome) versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

NVD status

NVD
View on NVD