Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0845
Vulnerability from certfr_avis - Published: 2026-07-08 - Updated: 2026-07-08
De multiples vulnérabilités ont été découvertes dans les produits Foxit. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Foxit | PDF Editor | PDF Editor versions 13.x antérieures à 13.2.5 pour Windows | ||
| Foxit | PDF Editor | PDF Editor versions 14.x antérieures à 14.0.5 pour Mac | ||
| Foxit | PDF Editor | PDF Editor versions 14.x antérieures à 14.0.5 pour Windows | ||
| Foxit | PDF Editor | PDF Editor versions 13.x antérieures à 13.2.5 pour Mac | ||
| Foxit | PDF Reader | PDF Reader versions 2026.x antérieures à 2026.1.2 pour Windows | ||
| Foxit | PDF Reader | PDF Reader versions antérieures à 2026.1.2 pour Mac | ||
| Foxit | PDF Editor | PDF Editor versions antérieures à 2026.1.2 pour Mac |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PDF Editor versions 13.x ant\u00e9rieures \u00e0 13.2.5 pour Windows",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor versions 14.x ant\u00e9rieures \u00e0 14.0.5 pour Mac",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor versions 14.x ant\u00e9rieures \u00e0 14.0.5 pour Windows",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor versions 13.x ant\u00e9rieures \u00e0 13.2.5 pour Mac",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Reader versions 2026.x ant\u00e9rieures \u00e0 2026.1.2 pour Windows",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Reader versions ant\u00e9rieures \u00e0 2026.1.2 pour Mac",
"product": {
"name": "PDF Reader",
"vendor": {
"name": "Foxit",
"scada": false
}
}
},
{
"description": "PDF Editor versions ant\u00e9rieures \u00e0 2026.1.2 pour Mac",
"product": {
"name": "PDF Editor",
"vendor": {
"name": "Foxit",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-57248",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57248"
},
{
"name": "CVE-2026-57247",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57247"
},
{
"name": "CVE-2026-57250",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57250"
},
{
"name": "CVE-2026-57249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57249"
},
{
"name": "CVE-2026-57258",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57258"
},
{
"name": "CVE-2026-57252",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57252"
},
{
"name": "CVE-2026-13127",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13127"
},
{
"name": "CVE-2026-57243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57243"
},
{
"name": "CVE-2026-57260",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57260"
},
{
"name": "CVE-2026-57241",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57241"
},
{
"name": "CVE-2026-57246",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57246"
},
{
"name": "CVE-2026-57254",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57254"
},
{
"name": "CVE-2026-57240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57240"
},
{
"name": "CVE-2026-57256",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57256"
},
{
"name": "CVE-2026-57239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57239"
},
{
"name": "CVE-2026-57244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57244"
},
{
"name": "CVE-2026-13126",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13126"
},
{
"name": "CVE-2026-13129",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13129"
},
{
"name": "CVE-2026-57251",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57251"
},
{
"name": "CVE-2026-57257",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57257"
},
{
"name": "CVE-2026-57245",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57245"
},
{
"name": "CVE-2026-57259",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57259"
},
{
"name": "CVE-2026-57242",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57242"
},
{
"name": "CVE-2026-57255",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57255"
},
{
"name": "CVE-2026-57238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57238"
},
{
"name": "CVE-2026-13128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-13128"
},
{
"name": "CVE-2026-57253",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57253"
},
{
"name": "CVE-2026-57237",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57237"
}
],
"initial_release_date": "2026-07-08T00:00:00",
"last_revision_date": "2026-07-08T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0845",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Foxit. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Foxit",
"vendor_advisories": [
{
"published_at": "2026-07-08",
"title": "Bulletin de s\u00e9curit\u00e9 FoxIT",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}
CVE-2026-57243 (GCVE-0-2026-57243)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 13:16
VLAI
EPSS
Title
Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability
Summary
During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds read
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:16:00.513613Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:16:09.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash."
}
],
"value": "During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:23.592Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57243",
"datePublished": "2026-07-08T07:36:23.592Z",
"dateReserved": "2026-06-24T03:01:15.648Z",
"dateUpdated": "2026-07-08T13:16:09.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57244 (GCVE-0-2026-57244)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 13:14
VLAI
EPSS
Title
Foxit PDF Editor/Reader Form Control Use-After-Free Vulnerability
Summary
After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.3 and earlier Affected: Versions 13.2.3 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:14:43.136775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:14:51.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.3 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.3 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash."
}
],
"value": "After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:04.601Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Form Control Use-After-Free Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57244",
"datePublished": "2026-07-08T07:36:04.601Z",
"dateReserved": "2026-06-24T03:01:15.649Z",
"dateUpdated": "2026-07-08T13:14:51.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57245 (GCVE-0-2026-57245)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 13:44
VLAI
EPSS
Title
Foxit PDF Editor/Reader Signature Hyperlink Use-After-Free Vulnerability
Summary
When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an invalid pointer write occurred, causing the application to crash.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:35:05.013350Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:44:42.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an invalid pointer write occurred, causing the application to crash."
}
],
"value": "When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an invalid pointer write occurred, causing the application to crash."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:22.015Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Signature Hyperlink Use-After-Free Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57245",
"datePublished": "2026-07-08T07:36:22.015Z",
"dateReserved": "2026-06-24T03:01:15.649Z",
"dateUpdated": "2026-07-08T13:44:42.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57246 (GCVE-0-2026-57246)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 12:37
VLAI
EPSS
Title
Foxit PDF Editor/Reader Signature Buffer Overflow Vulnerability
Summary
When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input (CWE-120)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T12:27:49.970979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:37:10.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash."
}
],
"value": "When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (CWE-120)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:49:13.747Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Signature Buffer Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57246",
"datePublished": "2026-07-08T07:36:20.437Z",
"dateReserved": "2026-06-24T03:01:15.649Z",
"dateUpdated": "2026-07-08T12:37:10.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57247 (GCVE-0-2026-57247)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 13:14
VLAI
EPSS
Title
Foxit PDF Editor/Reader Field Use-After-Free Vulnerability
Summary
The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.3 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:14:19.061141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:14:30.233Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.3 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing."
}
],
"value": "The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:03.024Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Field Use-After-Free Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57247",
"datePublished": "2026-07-08T07:36:03.024Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T13:14:30.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57248 (GCVE-0-2026-57248)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 12:38
VLAI
EPSS
Title
Foxit PDF Editor/Reader Annotation Improper Release Vulnerability
Summary
When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-763 - Release of invalid pointer or reference
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T12:38:08.327134Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:38:26.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release."
}
],
"value": "When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-763",
"description": "CWE-763 Release of invalid pointer or reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:18.835Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Annotation Improper Release Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57248",
"datePublished": "2026-07-08T07:36:18.835Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T12:38:26.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57249 (GCVE-0-2026-57249)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 12:40
VLAI
EPSS
Title
Foxit PDF Editor/Reader Annotation Use-After-Free Vulnerability
Summary
After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T12:40:18.806545Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:40:28.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed."
}
],
"value": "After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:17.227Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Annotation Use-After-Free Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57249",
"datePublished": "2026-07-08T07:36:17.227Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T12:40:28.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57250 (GCVE-0-2026-57250)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 13:13
VLAI
EPSS
Title
Foxit PDF Editor/Reader Form Field Use-After-Free Vulnerability
Summary
When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.3 and earlier Affected: Versions 13.2.3 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T13:13:48.237727Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T13:13:58.987Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.3 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.3 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing."
}
],
"value": "When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:01.416Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Form Field Use-After-Free Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57250",
"datePublished": "2026-07-08T07:36:01.416Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T13:13:58.987Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57251 (GCVE-0-2026-57251)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 12:41
VLAI
EPSS
Title
Foxit PDF Editor/Reader Cloud Appearance Buffer Overflow Vulnerability
Summary
The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-129 - Improper validation of array index
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
XuPeng
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T12:40:43.424088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:41:07.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "XuPeng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application."
}
],
"value": "The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129 Improper validation of array index",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:15.661Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader Cloud Appearance Buffer Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57251",
"datePublished": "2026-07-08T07:36:15.661Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T12:41:07.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-57252 (GCVE-0-2026-57252)
Vulnerability from cvelistv5 – Published: 2026-07-08 07:36 – Updated: 2026-07-08 12:43
VLAI
EPSS
Title
Foxit PDF Editor/Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
Summary
When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use after free
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor |
Affected:
Versions 2026.1.1 and earlier
Affected: Versions 14.0.4 and earlier Affected: Versions 13.2.4 and earlier |
|
| Foxit Software Inc. | Foxit PDF Reader |
Affected:
Versions 2026.1.1 and earlier
|
Credits
Anonymous working with TrendAI Zero Day Initiative
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-57252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-08T12:43:48.257346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T12:43:57.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Editor",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
},
{
"status": "affected",
"version": "Versions 14.0.4 and earlier"
},
{
"status": "affected",
"version": "Versions 13.2.4 and earlier"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Foxit PDF Reader",
"vendor": "Foxit Software Inc.",
"versions": [
{
"status": "affected",
"version": "Versions 2026.1.1 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Anonymous working with TrendAI Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing."
}
],
"value": "When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Potential arbitrary code execution"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use after free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-08T07:36:12.539Z",
"orgId": "14984358-7092-470d-8f34-ade47a7658a2",
"shortName": "Foxit"
},
"references": [
{
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "Foxit PDF Editor/Reader AcroForm Use-After-Free Remote Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "14984358-7092-470d-8f34-ade47a7658a2",
"assignerShortName": "Foxit",
"cveId": "CVE-2026-57252",
"datePublished": "2026-07-08T07:36:12.539Z",
"dateReserved": "2026-06-24T03:01:18.717Z",
"dateUpdated": "2026-07-08T12:43:57.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…