Loading...

CVE-2014-0496

HIGHNVD 8.89.8▲Trending — 4 sources updated this weekExploited in the wild

8.8

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

CVSS v3: 8.8
EG Score: 9.8(high)
EPSS: 98.5%
KEV: ⚠ Exploited

Published

January 15, 2014

Last Modified

April 21, 2026

Advisory Details (2)

Auto-updated May 2, 2026

⚠️ Active exploitation confirmed. Patch available. Sources: cisa.

cisa Patch Available🔴 Active Exploitation

Known Exploited Vulnerabilities Catalog | CISA

Known Exploited Vulnerabilities Catalog | CISA. Listed in CISA Known Exploited Vulnerabilities catalog.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0496

generic🔴 Active Exploitation

Acroread bugs should be UI:R and Automatable:No · Issue #199 · cisagov/vulnrichment · GitHub

https://github.com/cisagov/vulnrichment/issues/199

Weakness Classification(1)

MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.

CWE-416Use After Free

Data Freshness Timeline

(refreshed 103× in last 7d / 290× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

Showing the most recent 100 of 290 total refreshes for this CVE.

2026-06-17 10:41 UTCEG score recompute
2026-06-17 10:41 UTCGHSA enrichment
2026-06-17 07:01 UTCEG score recompute
2026-06-17 07:01 UTCGHSA enrichment
2026-06-17 03:19 UTCEG score recompute
2026-06-17 03:19 UTCGHSA enrichment
2026-06-16 23:40 UTCEG score recompute
2026-06-16 23:40 UTCGHSA enrichment
2026-06-16 20:00 UTCEG score recompute
2026-06-16 20:00 UTCGHSA enrichment
2026-06-16 19:33 UTCCISA KEV update
2026-06-16 17:49 UTCEPSS rescore
2026-06-16 17:49 UTCEPSS rescore
2026-06-16 17:49 UTCEPSS rescore
2026-06-16 16:22 UTCEG score recompute
2026-06-16 16:21 UTCGHSA enrichment
2026-06-16 12:41 UTCEG score recompute
2026-06-16 12:40 UTCGHSA enrichment
2026-06-16 08:59 UTCEG score recompute
2026-06-16 08:59 UTCGHSA enrichment
2026-06-16 05:19 UTCEG score recompute
2026-06-16 05:19 UTCGHSA enrichment
2026-06-16 01:40 UTCEG score recompute
2026-06-16 01:40 UTCGHSA enrichment
2026-06-15 22:02 UTCEG score recompute

Show 75 more

2026-06-15 22:02 UTCGHSA enrichment
2026-06-15 19:33 UTCCISA KEV update
2026-06-15 18:11 UTCEG score recompute
2026-06-15 18:11 UTCGHSA enrichment
2026-06-15 17:44 UTCEPSS rescore
2026-06-15 14:15 UTCEG score recompute
2026-06-15 14:15 UTCGHSA enrichment
2026-06-15 10:34 UTCEG score recompute
2026-06-15 10:34 UTCGHSA enrichment
2026-06-15 06:53 UTCEG score recompute
2026-06-15 06:53 UTCGHSA enrichment
2026-06-15 03:14 UTCEG score recompute
2026-06-15 03:14 UTCGHSA enrichment
2026-06-14 23:34 UTCEG score recompute
2026-06-14 23:34 UTCGHSA enrichment
2026-06-14 23:14 UTCEPSS rescore
2026-06-14 19:55 UTCEG score recompute
2026-06-14 19:54 UTCGHSA enrichment
2026-06-14 16:15 UTCEG score recompute
2026-06-14 16:15 UTCGHSA enrichment
2026-06-14 12:36 UTCEG score recompute
2026-06-14 12:36 UTCGHSA enrichment
2026-06-14 08:57 UTCEG score recompute
2026-06-14 08:57 UTCGHSA enrichment
2026-06-14 05:18 UTCEG score recompute
2026-06-14 05:18 UTCGHSA enrichment
2026-06-14 01:39 UTCEG score recompute
2026-06-14 01:39 UTCGHSA enrichment
2026-06-13 22:57 UTCEPSS rescore
2026-06-13 21:59 UTCEG score recompute
2026-06-13 21:59 UTCGHSA enrichment
2026-06-13 18:19 UTCEG score recompute
2026-06-13 18:18 UTCGHSA enrichment
2026-06-13 14:37 UTCEG score recompute
2026-06-13 14:36 UTCGHSA enrichment
2026-06-13 10:57 UTCEG score recompute
2026-06-13 10:57 UTCGHSA enrichment
2026-06-13 07:16 UTCEG score recompute
2026-06-13 07:16 UTCGHSA enrichment
2026-06-13 03:36 UTCEG score recompute
2026-06-13 03:36 UTCGHSA enrichment
2026-06-12 23:57 UTCEG score recompute
2026-06-12 23:57 UTCGHSA enrichment
2026-06-12 23:08 UTCEPSS rescore
2026-06-12 20:18 UTCEG score recompute
2026-06-12 20:18 UTCGHSA enrichment
2026-06-12 17:35 UTCCISA KEV update
2026-06-12 16:39 UTCEG score recompute
2026-06-12 16:39 UTCGHSA enrichment
2026-06-12 12:59 UTCEG score recompute
2026-06-12 12:59 UTCGHSA enrichment
2026-06-12 09:20 UTCEG score recompute
2026-06-12 09:20 UTCGHSA enrichment
2026-06-12 05:42 UTCEG score recompute
2026-06-12 05:42 UTCGHSA enrichment
2026-06-12 02:03 UTCEG score recompute
2026-06-12 02:03 UTCGHSA enrichment
2026-06-11 22:24 UTCEG score recompute
2026-06-11 22:24 UTCGHSA enrichment
2026-06-11 19:10 UTCCISA KEV update
2026-06-11 18:45 UTCEG score recompute
2026-06-11 18:45 UTCGHSA enrichment
2026-06-11 15:06 UTCEG score recompute
2026-06-11 15:06 UTCGHSA enrichment
2026-06-11 13:56 UTCEPSS rescore
2026-06-11 11:27 UTCEG score recompute
2026-06-11 11:27 UTCGHSA enrichment
2026-06-11 07:47 UTCEG score recompute
2026-06-11 07:47 UTCGHSA enrichment
2026-06-11 04:08 UTCEG score recompute
2026-06-11 04:08 UTCGHSA enrichment
2026-06-11 00:29 UTCEG score recompute
2026-06-11 00:29 UTCGHSA enrichment
2026-06-10 22:15 UTCEPSS rescore
2026-06-10 20:50 UTCEG score recompute

Frequently asked(6)

What is CVE-2014-0496?

CVE-2014-0496 is a high vulnerability published on January 15, 2014. Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

When was CVE-2014-0496 disclosed?

CVE-2014-0496 was first published in the National Vulnerability Database on January 15, 2014, with the most recent update on April 21, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

Is CVE-2014-0496 actively exploited?

Yes. CISA added CVE-2014-0496 to the Known Exploited Vulnerabilities catalog on March 3, 2022, affecting Adobe Reader and Acrobat. KEV listing indicates confirmed exploitation in the wild; this CVE warrants immediate patching attention.

What is the CVSS score of CVE-2014-0496?

CVE-2014-0496 has a CVSS v3 base score of 8.8 (NVD). EchelonGraph synthesises NVD + CISA KEV + FIRST EPSS + GHSA into a combined EG score of 9.8.

Which products are affected by CVE-2014-0496?

CVE-2014-0496 affects Adobe Reader and Acrobat. The full affected-products list, including version ranges and fixed versions, is shown in the Affected Packages section of this page.

How do I remediate CVE-2014-0496?

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2014-0496, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2014-0496

Is Your Infrastructure Affected by CVE-2014-0496?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs