Japan JPCERT Advisories

Adobe Acrobat and Reader Vulnerability APSB26-43 Allows Arbitrary Code Execution

JPCERT/CC issued alert JPCERT-AT-2026-0009 on April 13, 2026, advising that Adobe has confirmed active exploitation of a vulnerability (APSB26-43) in Adobe Acrobat and Reader allowing arbitrary code execution. Affected versions include Adobe Acrobat DC Continuous up to 26.001.21367, Adobe Acrobat Reader DC Continuous up to 26.001.21367, and Adobe Acrobat 2024 Classic up to 24.001.30356. Patched versions 26.001.21411 (DC Continuous) and 24.001.30362/24.001.30360 (2024 Classic) are available. JPCERT/CC has not confirmed domestic exploitation at publication but warns that widespread use of these products in Japan creates future risk as vulnerability details become publicly available.

Adobe Acrobat Reader Critical Vulnerability APSB26-44 Warning

JPCERT/CC has issued alert JPCERT-AT-2026-0011 warning of critical vulnerabilities (APSB26-44) in Adobe Acrobat and Adobe Acrobat Reader for Windows and macOS. Exploitation could allow arbitrary code execution when a user opens a maliciously crafted PDF. Affected versions include Adobe Acrobat DC Continuous up to 26.001.21411 and Adobe Acrobat 2024 Classic up to 24.001.30362. JPCERT recommends updating immediately to patched versions 26.001.21431 (Continuous) or 24.001.30365 (2024 Classic).

JPCERT Advisory CVE-2026-32201: Active SharePoint Spoofing Vulnerability

JPCERT/CC issued alert JPCERT-AT-2026-0010 on April 15, 2026, notifying that Microsoft SharePoint Server contains a spoofing vulnerability (CVE-2026-32201) currently being exploited in the wild. Attackers can achieve authentication-free network-based impersonation and remote code execution. The advisory directs affected organizations to apply the April 2026 Microsoft security updates via Microsoft Update or Windows Update immediately.