Total
268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-5937 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 5.5 MEDIUM |
| Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate. | |||||
| CVE-2026-5938 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 5.5 MEDIUM |
| Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service. | |||||
| CVE-2026-5939 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 5.5 MEDIUM |
| A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution. | |||||
| CVE-2026-5940 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 7.8 HIGH |
| Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes. | |||||
| CVE-2026-5941 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 7.8 HIGH |
| Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction. | |||||
| CVE-2026-5942 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 5.5 MEDIUM |
| Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program. | |||||
| CVE-2026-5943 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2026-04-29 | N/A | 7.8 HIGH |
| Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries. | |||||
| CVE-2026-3779 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-04-28 | N/A | 7.8 HIGH |
| The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution. | |||||
| CVE-2026-3780 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-04-28 | N/A | 7.3 HIGH |
| The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation. | |||||
| CVE-2026-3775 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-04-14 | N/A | 7.8 HIGH |
| The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writable locations, a local attacker can place a malicious library there and have it loaded with SYSTEM privileges, resulting in local privilege escalation and arbitrary code execution. | |||||
| CVE-2026-3776 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-04-14 | N/A | 5.5 MEDIUM |
| The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a crafted document to trigger a null pointer dereference and crash the application, resulting in denial of service. | |||||
| CVE-2026-3777 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-04-14 | N/A | 5.5 MEDIUM |
| The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers are still kept and later dereferenced, which under crafted JavaScript and document structures can lead to a use-after-free condition and potentially allow arbitrary code execution. | |||||
| CVE-2026-3778 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-04-14 | N/A | 6.2 MEDIUM |
| The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep traversal can cause uncontrolled recursion, stack exhaustion, and application crashes. | |||||
| CVE-2026-3774 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-04-10 | N/A | 4.7 MEDIUM |
| The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to update form fields, annotations, or optional content groups (OCGs) immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing redaction, encryption, and printing logic, which, under specific document structures and user workflows, may cause a small amount of sensitive content to remain unremoved or unencrypted as expected, or result in printed output that slightly differs from what was reviewed on screen. | |||||
| CVE-2025-55311 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-01-07 | N/A | 6.5 MEDIUM |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification by hiding document modifications, allowing an attacker to mislead users about the document's integrity and compromise the trustworthiness of signed PDFs. | |||||
| CVE-2025-55309 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2026-01-06 | N/A | 6.7 MEDIUM |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, resulting in a use-after-free vulnerability that may cause memory corruption or application crashes. | |||||
| CVE-2025-55308 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-01-06 | N/A | 6.7 MEDIUM |
| An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may lead to memory corruption, potentially resulting in information disclosure when the PDF is opened. | |||||
| CVE-2025-55307 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2026-01-06 | N/A | 3.3 LOW |
| An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query() with a crafted cDIPath parameter (e.g., "/") may cause an out-of-bounds read in internal path-parsing logic, potentially leading to information disclosure or memory corruption. | |||||
| CVE-2025-66499 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-12-23 | N/A | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code. | |||||
| CVE-2025-66497 | 3 Apple, Foxit, Microsoft | 4 Macos, Pdf Editor, Pdf Reader and 1 more | 2025-12-23 | N/A | 5.3 MEDIUM |
| A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption. | |||||