CVE-2012-5340

CVE-2012-5340 affects SumatraPDF 2.1.1 and MuPDF 1.0, where a vulnerability in the lex_number() function can cause a Integer Overflow when processing a crafted PDF. The issue is confirmed across multiple sources (NVD/OSV Debian/Ubuntu/CVE records) and is triggered by corrupt PDF files. Exploitati...

CVE-2012-4895

Summary: CVE-2012-4895 and CVE-2012-4896 describe heap-based buffer overflows in SumatraPDF before 2.1 that allow remote code execution via a crafted PDF document. The two CVEs are stated as different vulnerabilities. The provided details confirm the affected product (SumatraPDF), the vulnerable ...

CVE-2023-33802

CVE-2023-33802 is a buffer overflow in SumatraPDF Reader v3.4.6 triggered by processing crafted text files, causing a DoS. Root cause cited in supplied sources involves insufficient size checking when handling text input. Public references (PT-2023-3988) describe the impact on SumatraPDF 3.4.6 an...

CVE-2012-4896

CVE-2012-4896: SumatraPDF before 2.1 is affected by a heap-based buffer overflow in its PDF handling, allowing remote attackers to execute arbitrary code via a crafted PDF document. The vulnerability is specific to the SumatraPDF parser and is described as a separate issue from CVE-2012-4895. The...

CVE-2013-2830

SumatraPDF Reader (2.x) before 2.2.1 contains a use-after-free vulnerability in memory management (object decrement) that can be triggered by a crafted PDF file, enabling remote code execution. The issue affects SumatraPDF Reader 2.0–2.1.x and is fixed in 2.2.1. Access requires user interaction t...

CVE-2009-1605

CVE-2009-1605 describes a heap-based buffer overflow in MuPDF’s loadexponentialfunc (mupdf/pdf_function.c) in the mupdf-20090223-win32 package, exploitable via crafted PDFs and affecting SumatraPDF 0.9.3 and earlier. The underlying issue could allow remote code execution. Public references from N...

CVE-2009-4117

Concretely affected: MuPDF before commit 20091125231942, specifically within pdf_shade4.c, with SumatraPDF prior to 1.0.1. The issue involves multiple stack-based buffer overflows triggered by a /Decode array for certain shading types that are not correctly handled by pdf_loadtype4shade, pdf_load...

CVE-2026-23512

SumatraPDF has a Untrusted Search Path vulnerability in version 3.5.2 and earlier when the Advanced Options setting is triggered. The code path executes notepad.exe without an absolute path, allowing a malicious notepad.exe placed in the installation directory to run arbitrary code with local acc...

CVE-2026-25961

CVE-2026-25961 affects SumatraPDF

CVE-2026-23951

SumatraPDF is affected by an off-by-one error in PalmDbReader::GetRecord when opening crafted Mobi files, triggering only with exactly 2 records and causing an integer underflow in the size calculation. This leads to an out-of-bounds heap read that crashes the application. The CVE notes indicate ...

CVE-2025-57248

SumatraPDF 3.5.2 is affected by a null pointer dereference in libmupdf.dll during processing of crafted .djvu files, triggering a crash via DataPool::has_data(). The vulnerability is documented across multiple feeds (NVD/Red Hat NVD/CVE listings, OSV, Snyk, CNNVD, Red Hat, etc.), all identifying ...

CVE-2026-25880

SumatraPDF (Windows)

CVE-2026-25920

CVE-2026-25920 affects SumatraPDF