Lucene search
K

200 matches found

Cvelist
Cvelist
added 6 days ago37 views

CVE-2026-57241 Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability

The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds...

6.1CVSS0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-57242 Foxit PDF Editor/Reader Page Use-After-Free Vulnerability

The application opens the PDF, and JavaScript modifies the form. However, the related objects on the page lack complete lifecycle management and null value validation; when the page state changes, the application continuously dereferences invalid objects, eventually leading to a crash...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-57243

CVE-2026-57243 affects Foxit PDF Editor/Reader. A JavaScript reentrancy during page opening and form formatting leads to an inconsistent document status and, with outdated page information, the application accesses invalid addresses, causing a crash. Current details describe the vulnerable operat...

6.1CVSS6AI score0.00107EPSS
Exploits0References1Affected Software2
CVE
CVE
added 6 days ago12 views

CVE-2026-57246

Technical details are not publicly available in the provided documents. Monitor for updates.

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57248 Foxit PDF Editor/Reader Annotation Improper Release Vulnerability

When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release...

7.8CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-57249 Foxit PDF Editor/Reader Annotation Use-After-Free Vulnerability

After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago13 views

CVE-2026-57251

Foxit CVE-2026-57251 affects Foxit PDF Editor/Reader during the cloud-like construction phase when opening a PDF. The issue is an out-of-bounds access caused by missing upper bounds checks in the cloud appearance logic, leading to application crashes. The CVSS v3.1 metrics assign a base score of ...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
CVE
CVE
added 6 days ago9 views

CVE-2026-57254

CVE-2026-57254 affects Foxit PDF Editor/Reader and is a type confusion vulnerability in PDF annotations that are referenced by other objects. The flaw occurs when the application parses the PDF without proper type checking, which can cause the application to crash. From the provided metrics, the ...

7.8CVSS6AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago38 views

CVE-2026-57259 Foxit PDF Editor/Reader XDP XFA XXE arbitrary local file read

The input file does not need to be strictly in a structurally valid PDF format. Instead, after reviewing the content, the original document disguised as a PDF will be sent to the parser. Malicious documents will construct malicious external entities that, through the protocol, point to local path...

6.5CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57244 Foxit PDF Editor/Reader Form Control Use-After-Free Vulnerability

After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash...

7.8CVSS0.00116EPSS
Exploits0References1
CVE
CVE
added 6 days ago15 views

CVE-2026-57244

CVE-2026-57244 affects Foxit PDF Editor/Reader Form Control. The root cause is a missing re-entry protection and object lifecycle verification during form synchronization after JavaScript resets, causing a control pointer dereference after a failure and resulting in a crash. The CVSSv3.1 vector i...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
CVE
CVE
added 6 days ago13 views

CVE-2026-57247

Foxit PDF Editor/Reader is affected by CVE-2026-57247 where field processing re-enters the document structure and deletes the current page, then continues using the field objects that were obtained before deletion, causing an illegal read and a crash. The entry lists a CVSSv3.1 base score of 7.8 ...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
CVE
CVE
added 6 days ago11 views

CVE-2026-57250

CVE-2026-57250 affects Foxit PDF Editor/Reader when opening a PDF and JavaScript resets form fields, causing a re-entry into the interface that damages a native object. The app validates insufficiently, and the function call on the damaged object leads to a crash. The CVSS v3.1 vector is LOCAL/Ux...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57250 Foxit PDF Editor/Reader Form Field Use-After-Free Vulnerability

When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing...

7.8CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57256 Foxit Editor/Reader List Box Format Use-After-Free Vulnerability

When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is repeated after the form is reset. During this process, the application failed to adequately verify the validity of the form objects and their internal dictionary...

7.8CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-57256

CVE-2026-57256 concerns Foxit Editor/Reader. When opening a PDF with JavaScript, the app performs abnormal operations on a list box form field, and repeats this after the form is reset. The issue stems from inadequate verification of the form objects and their internal dictionary pointers, allowi...

7.8CVSS6AI score0.00118EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57258 Foxit PDF Editor/Reader Crash via Malformed PRC 3D Stream

The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes...

6.1CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 11:0 a.m.32 views

CVE-2026-5937 Foxit PDF Editor/Reader's insufficient parameter validation leads to denial-of-service vulnerability

Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalidargument" exception, ultimately causing the program to terminate...

5.5CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.5 views

CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 11:0 a.m.6 views

CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...

7.8CVSS5.2AI score0.00181EPSS
Exploits0References1
Rows per page
Query Builder