Lucene search
K

859 matches found

Cvelist
Cvelist
added 2026/04/27 11:0 a.m.37 views

CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.4 views

CVE-2026-5940 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes...

7.8CVSS5.2AI score0.00169EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 11:0 a.m.35 views

CVE-2026-5940 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes...

7.8CVSS0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 11:0 a.m.81 views

CVE-2026-5940

Summary of CVE-2026-5940 : Foxit PDF Editor/Reader contains a use-after-free vulnerability in the annotation flow. The issue arises when a function triggers a UI refresh after removing comments via a script, which may access an invalidated object and cause a crash. The CVE record cites a CVSS v3....

7.8CVSS5.2AI score0.00169EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.3 views

CVE-2026-5942 Foxit PDF Editor/Reader AcroForm Signature Use-After-Free Vulnerability

Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program...

5.5CVSS5.2AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 11:0 a.m.45 views

CVE-2026-5942

CVE-2026-5942 affects Foxit PDF Editor/Reader with an AcroForm Signature Use-After-Free vulnerability. Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the applicat...

5.5CVSS5.2AI score0.00182EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/04/27 11:0 a.m.36 views

CVE-2026-5942 Foxit PDF Editor/Reader AcroForm Signature Use-After-Free Vulnerability

Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program...

5.5CVSS0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 11:0 a.m.38 views

CVE-2026-5943

Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free vulnerability (CVE-2026-5943) is described as a remote code execution flaw caused by document structural anomalies that cause invalid pointer access when querying page information after scripts modify the document. The affected component ...

7.8CVSS5.2AI score0.00181EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2026/04/27 11:0 a.m.31 views

CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...

7.8CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.4 views

CVE-2026-5939 UAF in Foxit PDF Editor/Reader via XFA calculate event

A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.6 views

CVE-2026-5941 Foxit PDF Editor/Reader AcroForm Signature Remote Code Execution Vulnerability

Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction...

7.8CVSS5.2AI score0.00169EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 11:0 a.m.34 views

CVE-2026-5941

CVE-2026-5941 affects Foxit PDF Editor/Reader, specifically the AcroForm Signature processing. The issue is a parsing logic flaw where non-signature data can be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes...

7.8CVSS5.2AI score0.00169EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have a resource management vulnerability. This vulnerability arises from the special XFA PDF...

5.5CVSS6.1AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have a resource management vulnerability. This vulnerability arises from calling a function th...

7.8CVSS7.1AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. There is a resource management vulnerability in Foxit PDF Editor and Foxit PDF Reader. This vulnerability stems from a page lifecycle...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. There is a resource management vulnerability in Foxit PDF Editor and Foxit PDF Reader. This vulnerability arises from abnormal document...

7.8CVSS7.1AI score0.00181EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Foxit PDF Editor < 14.0.4 / 2026.1.1 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2026.1.1/14.0.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element...

7.8CVSS6.9AI score0.00182EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

4.7CVSS5.9AI score0.00109EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 1:40 a.m.38 views

CVE-2026-3774

Foxit PDF Editor/Reader (pre-2026.1) is affected by CVE-2026-3774 due to PDF JavaScript and document/print actions (WillPrint/DidPrint) updating form fields, annotations, or OCGs around redaction, encryption, or printing. The script-driven updates are not fully covered by the existing redaction/e...

7.5CVSS5.9AI score0.00109EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.4 views

CVE-2026-3775 Foxit PDF Editor/Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...

7.8CVSS6AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder