5 matches found
CVE-2026-25961
CVE-2026-25961 affects SumatraPDF
CVE-2026-23512
SumatraPDF has a Untrusted Search Path vulnerability in version 3.5.2 and earlier when the Advanced Options setting is triggered. The code path executes notepad.exe without an absolute path, allowing a malicious notepad.exe placed in the installation directory to run arbitrary code with local acc...
CVE-2026-25920
CVE-2026-25920 affects SumatraPDF
CVE-2026-25880
SumatraPDF (Windows)
CVE-2025-57248
SumatraPDF 3.5.2 is affected by a null pointer dereference in libmupdf.dll during processing of crafted .djvu files, triggering a crash via DataPool::has_data(). The vulnerability is documented across multiple feeds (NVD/Red Hat NVD/CVE listings, OSV, Snyk, CNNVD, Red Hat, etc.), all identifying ...