Zscaler protects against 13 new vulnerabilities for Adobe Acrobat and Reader

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 13 vulnerabilities included in the June 2026 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary.

APSB26-63 – Security updates available for Adobe Acrobat and Reader.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. This update addresses a critical and important vulnerability. Successful exploitation could lead to arbitrary code execution, application denial-of-service, and memory exposure. 

Affected Software

• Acrobat DC Continuous 26.001.21657 and earlier versions for Windows & macOS
• Acrobat Reader DC Continuous 26.001.21651 and earlier versions for Windows & macOS
• Acrobat 2024 Classic 2024 24.001.30365 and earlier versions for Windows & macOS

CVE-2026-47911 – Out-of-bounds Write vulnerability leading to Arbitrary code execution.

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47912 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47913 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47914 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47915 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47916 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47917 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47918 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47919 – Use After Free vulnerability leading to Arbitrary code execution. 

Severity: Critical

Subscription Required

• Advanced Threat Protection 

CVE-2026-47923 – Out-of-bounds Read vulnerability leading to Memory exposure. 

Severity: Important

Subscription Required

• Advanced Threat Protection 

CVE-2026-47924 – Use After Free vulnerability leading to Memory exposure. 

Severity: Important

Subscription Required

• Advanced Threat Protection 

CVE-2026-47925 – Integer Overflow or wraparound vulnerability leading to Application denial-of-service. 

Severity: Important

Subscription Required

• Advanced Threat Protection 

CVE-2026-47926 – Out-of-bounds Read vulnerability leading to Memory exposure. 

Severity: Important

Subscription Required

• Advanced Threat Protection