Adobe Connect 12.10/2025.3 Deserialization Exploit: CVE-2026-34615 April 2026

Adobe Connect | Deserialization of Untrusted Data (CWE-502)
Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

Vulnerability Analysis

CVE-2026-34615 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

NONE

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2026-34615 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Products Associated with CVE-2026-34615

Want to know whenever a new CVE is published for Adobe Connect? stack.watch will email you.

Adobe Connect 12.10/2025.3 Deserialization Exploit
CVE-2026-34615 Published on April 14, 2026

Vulnerability Analysis

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Products Associated with CVE-2026-34615

Affected Versions

Adobe Connect 12.10/2025.3 Deserialization ExploitCVE-2026-34615 Published on April 14, 2026

Vulnerability Analysis

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Products Associated with CVE-2026-34615

Affected Versions

Adobe Connect 12.10/2025.3 Deserialization Exploit
CVE-2026-34615 Published on April 14, 2026