June 8, 2022 · Applied Cybernetics Group
CVE-2018-4990 — Adobe Acrobat and Reader
Adobe Acrobat and Reader Double Free Vulnerability
- Added to KEV
2022-06-08- Federal due date
2022-06-22- Vendor
- Adobe
- Product
- Acrobat and Reader
- EPSS
- 97.9th percentile (score 0.515, as of
2026-06-08) - NVD CVSS v3.1
- —
- Ransomware use
- Unknown
- Upstream
- https://nvd.nist.gov/vuln/detail/CVE-2018-4990
CISA short description
Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.
Required action
Apply updates per vendor instructions.