Lucene search
K

10282 matches found

Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-13126 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago16 views

CVE-2026-13126

CVE-2026-13126 affects Foxit PDF Editor/Reader due to a use-after-free in the handling of PDF annotations (embedded JavaScript). The issue can lead to a crash when the application attempts to write to an invalid popup annotation object, as described in the CVE description. CVSS 3.1 metrics indica...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-13127 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-13127

CVE-2026-13127 concerns Foxit PDF Editor/Reader annotation handling. The description states that when opening a PDF, JavaScript rewrites the document to modify page structure, causing page objects to become invalid; thumbnails still reference the invalid objects, leading to a crash. The CVSS 3.1 ...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-13128 Foxit PDF Editor/Reader Doc Object Use-After-Free Remote Code Execution Vulnerability

Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago15 views

CVE-2026-13128

CVE-2026-13128 affects Foxit PDF Editor/Reader with a use-after-free in the Doc Object when embedding JavaScript in a PDF, leading to application crash and potential remote code execution. The vulnerability impacts the document view’s properties after the page is deleted, enabling continued acces...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-57239 Foxit PDF Editor/Reader Local Privilege Escalation

The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM...

8.2CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-57239

Foxit CVE-2026-57239 is a Local Privilege Escalation in Foxit PDF Editor/Reader where user‑controllable executables can be directly executed by high‑privilege processes, enabling a low‑privilege user to escalate to NT AUTHORITY\SYSTEM. CVSS 3.1 base score 8.2 (HIGH) with LOCAL attack vector, LOW ...

8.2CVSS6AI score0.00115EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-57240 Foxit PDF Editor/Reader Form Field Use-After-Free Remote Code Execution Vulnerability

When the application opens a PDF file and JavaScript deletes the PDF fields, the subsequent logic still uses the old field pointers, resulting in invalid pointer references and causing the application to crash...

7.8CVSS0.00128EPSS
Exploits0References1
CVE
CVE
added 6 days ago16 views

CVE-2026-57240

CVE-2026-57240 affects Foxit PDF Editor/Reader: when opening a PDF, if JavaScript deletes form fields, the app may still reference old field pointers, causing a use-after-free and crash. The CVSS/metrics indicate a HIGH impact with local access, requiring user interaction. No explicit exploit det...

7.8CVSS6AI score0.00128EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-13129 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-13129

CVE-2026-13129 affects Foxit PDF Editor/Reader (Annotation feature). The issue is a use-after-free in the handling of the PDF form field tree triggered by JavaScript during field traversal, which can leave the program with an invalid form object and lead to a crash, with potential remote code exe...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57238 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability

After the application opened the PDF, JavaScript deleted the form field object. Subsequently, it attempted to access the invalid object, which caused the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-57238

CVE-2026-57238 concerns Foxit PDF Editor/Reader, specifically an annotation use-after-free issue that enables a remote code execution vulnerability. The description states that after opening a PDF, JavaScript deletes a form field object; subsequently, the application accesses the invalid object, ...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-57241 Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability

The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds...

6.1CVSS0.00107EPSS
Exploits0References1
CVE
CVE
added 6 days ago17 views

CVE-2026-57241

CVE-2026-57241 affects Foxit PDF Editor/Reader. The issue arises when opening a PDF where JavaScript operations on the page/document desynchronize page-related objects, yet the renderer trusts an outdated page count, leading to an out-of-bounds access and application crash. CVSSv3.1 metrics indic...

6.1CVSS6AI score0.00107EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-57242 Foxit PDF Editor/Reader Page Use-After-Free Vulnerability

The application opens the PDF, and JavaScript modifies the form. However, the related objects on the page lack complete lifecycle management and null value validation; when the page state changes, the application continuously dereferences invalid objects, eventually leading to a crash...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago14 views

CVE-2026-57242

Technical details are not publicly available in the provided documents for CVE-2026-57242; monitor Foxit security bulletins for updates on affected products, versions, impact, and remediation.

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-57243 Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS0.00107EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-57243

CVE-2026-57243 affects Foxit PDF Editor/Reader. A JavaScript reentrancy during page opening and form formatting leads to an inconsistent document status and, with outdated page information, the application accesses invalid addresses, causing a crash. Current details describe the vulnerable operat...

6.1CVSS6AI score0.00107EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder