Lucene search
K

524 matches found

Cvelist
Cvelist
added 12 hours ago10 views

CVE-2026-13126 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago10 views

CVE-2026-13126

CVE-2026-13126 affects Foxit PDF Editor/Reader due to a use-after-free in the handling of PDF annotations (embedded JavaScript). The issue can lead to a crash when the application attempts to write to an invalid popup annotation object, as described in the CVE description. CVSS 3.1 metrics indica...

7.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago10 views

CVE-2026-13127 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago9 views

CVE-2026-13127

CVE-2026-13127 concerns Foxit PDF Editor/Reader annotation handling. The description states that when opening a PDF, JavaScript rewrites the document to modify page structure, causing page objects to become invalid; thumbnails still reference the invalid objects, leading to a crash. The CVSS 3.1 ...

7.8CVSS6AI score
Exploits0References1
CVE
CVE
added 12 hours ago9 views

CVE-2026-13128

CVE-2026-13128 affects Foxit PDF Editor/Reader with a use-after-free in the Doc Object when embedding JavaScript in a PDF, leading to application crash and potential remote code execution. The vulnerability impacts the document view’s properties after the page is deleted, enabling continued acces...

7.8CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago9 views

CVE-2026-13128 Foxit PDF Editor/Reader Doc Object Use-After-Free Remote Code Execution Vulnerability

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago8 views

CVE-2026-57239

Foxit CVE-2026-57239 is a Local Privilege Escalation in Foxit PDF Editor/Reader where user‑controllable executables can be directly executed by high‑privilege processes, enabling a low‑privilege user to escalate to NT AUTHORITY\SYSTEM. CVSS 3.1 base score 8.2 (HIGH) with LOCAL attack vector, LOW ...

8.2CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago8 views

CVE-2026-57239 Foxit PDF Editor/Reader Local Privilege Escalation

The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM...

8.2CVSS
Exploits0References1
Cvelist
Cvelist
added 12 hours ago9 views

CVE-2026-57240 Foxit PDF Editor/Reader Form Field Use-After-Free Remote Code Execution Vulnerability

When the application opens a PDF file and JavaScript deletes the PDF fields, the subsequent logic still uses the old field pointers, resulting in invalid pointer references and causing the application to crash...

7.8CVSS
Exploits0References1
Cvelist
Cvelist
added 12 hours ago7 views

CVE-2026-13129 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago9 views

CVE-2026-13129

CVE-2026-13129 affects Foxit PDF Editor/Reader (Annotation feature). The issue is a use-after-free in the handling of the PDF form field tree triggered by JavaScript during field traversal, which can leave the program with an invalid form object and lead to a crash, with potential remote code exe...

7.8CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago8 views

CVE-2026-57238 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

After the application opened the PDF, JavaScript deleted the form field object. Subsequently, it attempted to access the invalid object, which caused the application to crash...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago7 views

CVE-2026-57238

CVE-2026-57238 concerns Foxit PDF Editor/Reader, specifically an annotation use-after-free issue that enables a remote code execution vulnerability. The description states that after opening a PDF, JavaScript deletes a form field object; subsequently, the application accesses the invalid object, ...

7.8CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago8 views

CVE-2026-57245 Foxit PDF Editor/Reader Signature Hyperlink Use-After-Free Vulnerability

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago6 views

CVE-2026-57245

Foxit PDF Editor/Reader contains a use-after-free vulnerability in the handling of hyperlink annotations when opening and traversing annotation elements. The issue can lead to an invalid state and an invalid pointer write during destruction, causing a crash. CVSSv3.1 base score 7.8 ( HIGH ) with ...

7.8CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago8 views

CVE-2026-57246 Foxit PDF Editor/Reader Signature Buffer Overflow Vulnerability

When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago9 views

CVE-2026-57248

The CVE-2026-57248 entry concerns Foxit PDF Editor/Reader where opening a PDF and performing JavaScript to write annotation attributes can bypass object type/argument checks, corrupting the internal annotation structure and causing a crash on release. This is described as a local, user-interactio...

7.8CVSS5.9AI score
Exploits0References1
CVE
CVE
added 12 hours ago12 views

CVE-2026-57249

CVE-2026-57249 affects Foxit PDF Editor/Reader in the annotation handling path. After opening a PDF, the software resets the annotation status and triggers a reset form event; during the subsequent re-entry it accesses invalid objects, leading to a crash. CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/...

7.8CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago8 views

CVE-2026-57251 Foxit PDF Editor/Reader Cloud Appearance Buffer Overflow Vulnerability

The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application...

7.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago6 views

CVE-2026-57253

Technical details beyond the high-level description are not publicly available in the provided documents. Monitor for updates from Foxit security bulletins.

6.1CVSS6.1AI score
Exploits0References1
Rows per page
Query Builder