CVE-2026-23512 SumatraPDF has an Untrusted Search Path in sumatrapdf/src/AppTools.cpp

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

EUVD-2026-2675

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

CVE-2026-23512 SumatraPDF has an Untrusted Search Path in sumatrapdf/src/AppTools.cpp

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

CVE-2026-23512

SumatraPDF has a Untrusted Search Path vulnerability in version 3.5.2 and earlier when the Advanced Options setting is triggered. The code path executes notepad.exe without an absolute path, allowing a malicious notepad.exe placed in the installation directory to run arbitrary code with local acc...

CVE-2026-23512 SumatraPDF has an Untrusted Search Path in sumatrapdf/src/AppTools.cpp

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

sumatrapdf 代码问题漏洞

sumatrapdf is sumatrapdfreader open source a PDF reader. sumatrapdf 3.5.2 and previous versions of the code problematic vulnerability , the vulnerability stems from the execution of notepad.exe does not specify the absolute path , which may lead to arbitrary code execution...

PT-2026-2956

Name of the Vulnerable Software and Affected Versions SumatraPDF versions 3.5.2 and earlier Description SumatraPDF is a multi-format reader for Windows. A flaw exists due to an Untrusted Search Path when the Advanced Options setting is triggered. The application executes notepad.exe without...

EUVD-2012-5262

Malware in sbrugna...

EUVD-2009-1600

Malware in sbrugna...

EUVD-2013-2769

Malware in sbrugna...

EUVD-2012-4821

Malware in sbrugna...

EUVD-2012-4820

Malware in sbrugna...

EUVD-2023-37953

Malicious code in bioql PyPI...

EUVD-2025-20018

Malicious code in bioql PyPI...

EUVD-2025-29204

Malicious code in bioql PyPI...

CVE-2025-57248

A null pointer dereference vulnerability was discovered in SumatraPDF 3.5.2 during the processing of a crafted .djvu file. When the file is opened, the application crashes inside libmupdf.dll, specifically in the DataPool::hasdata function...

CVE-2025-57248

A null pointer dereference vulnerability was discovered in SumatraPDF 3.5.2 during the processing of a crafted .djvu file. When the file is opened, the application crashes inside libmupdf.dll, specifically in the DataPool::hasdata function...

CVE-2025-57248

A null pointer dereference vulnerability was discovered in SumatraPDF 3.5.2 during the processing of a crafted .djvu file. When the file is opened, the application crashes inside libmupdf.dll, specifically in the DataPool::hasdata function...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the hasdata function of DataPool during the processing of a specially crafted .djvu file. An attacker can cause the application to crash by tricking a user into opening a malicious file. Remediation A fix was...

CVE-2025-57248

A null pointer dereference vulnerability was discovered in SumatraPDF 3.5.2 during the processing of a crafted .djvu file. When the file is opened, the application crashes inside libmupdf.dll, specifically in the DataPool::hasdata function...