The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

🗓️ 08 Jul 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

PDF-XChange Editor vulnerability causes buffer issues during viewing and editing, risking disclosure of protected information.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2025-6658	25 Jun 202503:00	–	circl
CNNVD	PDF-XChange Editor 缓冲区错误漏洞	25 Jun 202500:00	–	cnnvd
CNVD	PDF-XChange Editor Information Disclosure Vulnerability (CNVD-2025-16299)	27 Jun 202500:00	–	cnvd
CVE	CVE-2025-6658	25 Jun 202521:41	–	cve
Cvelist	CVE-2025-6658 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability	25 Jun 202521:41	–	cvelist
EUVD	EUVD-2025-19160	3 Oct 202520:07	–	euvd
NVD	CVE-2025-6658	25 Jun 202522:15	–	nvd
Tenable Nessus	PDF-XChange Editor < 10.6.0.396 Multiple Vulnerabilities	27 Jun 202500:00	–	nessus
Positive Technologies	PT-2025-26902 · Unknown · Pdf-Xchange Editor	21 Mar 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-6658	27 Jun 202522:18	–	redhatcve

Vulners

Node

tracker_software_products pdf-xchange_editorMatch10.5.2.395

OR

tracker_software_products pdf-toolsMatch10.5.2.395

OR

tracker_software_products pdf-xchange_proMatch10.5.2.395

Source	Link
pdf-xchange	www.pdf-xchange.com/support/security-bulletins.html
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-25-444/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-25-444/
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-26733/

08 Jul 2025 00:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS 22.1

CVSS 33.3

EPSS0.00117

pdf xchange editor buffer overflow memory safety issue information disclosure file processing vulnerability