CVE-2026-34621 PoC isn’t a scanner, it’s a campaign weaponizer with 62 pre-authenticated Brazilian fintech targets

CVE-2026-34621 is an Adobe Acrobat prototype pollution leading to arbitrary code execution. CVSS 8.6, on CISA’s Known Exploited Vulnerabilities list with a federal remediation deadline of April 27, 2026. The published PoC at NULL200OK/cve_2026_34621_advanced is not a scanner. The repository ships a complete cross-platform kit with environment keying (only detonates on specific target machines), lure PDF merging, staged payloads, persistence on both Windows and macOS, and a campaign-tracking JSON ledger per generated document. It also ships with a targets file containing 62 pre-authenticated entries in Brazilian financial infrastructure. The writeup covers the trust-inheritance mechanism behind the privilege escape, why the scripted URL-launch path fails as written while another method succeeds, and what the feature set implies about who the tool was actually built for. A disclaimer prints before the tool parses its arguments.

submitted by /u/TakesThisSeriously