Adobe FrameMaker <=2022.8 UIP Access (Memory Exposure): CVE-2026-27300 April 2026

Adobe Framemaker | Access of Uninitialized Pointer (CWE-824)
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerability Analysis

CVE-2026-27300 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

Products Associated with CVE-2026-27300

Want to know whenever a new CVE is published for Adobe Framemaker? stack.watch will email you.

Adobe FrameMaker <=2022.8 UIP Access (Memory Exposure)
CVE-2026-27300 Published on April 14, 2026

Vulnerability Analysis

Weakness Type

Access of Uninitialized Pointer

Products Associated with CVE-2026-27300

Affected Versions

Adobe FrameMaker <=2022.8 UIP Access (Memory Exposure)CVE-2026-27300 Published on April 14, 2026

Vulnerability Analysis

Weakness Type

Access of Uninitialized Pointer

Products Associated with CVE-2026-27300

Affected Versions

Adobe FrameMaker <=2022.8 UIP Access (Memory Exposure)
CVE-2026-27300 Published on April 14, 2026