A zero-day vulnerability in Adobe Acrobat Reader is being actively exploited via malicious PDF files, with attacks observed since at least November 2025. The article does not provide a CVSS score, specific affected version ranges, a fixed version, or a recommended workaround.
Unknown attackers have exploited a zero-day Adobe Acrobat Reader vulnerability since November 2025 and possibly even earlier, security researcher Haifei Li has discovered. PDF files carry the exploit Haifei Li is one of the creators of EXPMON, a sandbox-based cybersecurity system for detecting advanced file-based exploits. It does so by analyzing suspicious files submitted through its public web interface or API. “Just few weeks ago, on March 26, someone submitted a PDF sample to EXPMON. … More → The post Acrobat Reader zero-day exploited in the wild for many months appeared first on Help Net Security .