Adobe Acrobat Reader CVE-2026-34621: Active exploitation via prototype pollution

Executive summary: CVE-2026-34621 is a critical (CVSS 8.6) prototype-pollution vulnerability in Adobe Acrobat/Reader exploited in the wild via malicious PDFs that embed heavily obfuscated JavaScript to perform sandbox escape, system fingerprinting, RCE and covert RSS-based data exfiltration; the report provides a step-by-step technical analysis of the exploit chain, environment checks, payload delivery method, cleanup behavior, and supplies IOCs (file hashes and attacker-controlled IPs) and mitigation guidance.