Adobe has confirmed a zero-day vulnerability in Adobe Reader that's been actively exploited through malicious PDF files since December 2025. Attackers have been leveraging this security flaw to compromise systems before a patch could be developed and deployed. Adobe is working on a fix for this actively exploited vulnerability that poses a significant risk to users who open untrusted PDF documents.