CVE-2025-66495

CWE-416 — Use After Free4 documents4 sources

Severity

7.8HIGH

EPSS

0.1%

top 81.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Foxit PDF Editor Foxit PDF Reader Foxit Software Inc. Foxit PDF Editor +1 more

Timeline

PublishedDec 19

Description

A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDfoxit/pdf_reader2025.2.1.33197+1

▶CVEListV5foxit_software_inc./foxit_pdf_readerVersions 13.2.1 and eariler, Versions 14.0.1 and earlier, Versions 2025.2.1 and earlier+2

▶NVDfoxit/pdf_editor14.0.0.33046 — 14.0.1.33197+9

▶CVEListV5foxit_software_inc./foxit_pdf_editorVersions 13.2.1 and eariler, Versions 14.0.1 and earlier, Versions 2025.2.1 and earlier+2

🔴Vulnerability Details

GHSA

GHSA-xr34-pc3c-449f: A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025↗2025-12-19

▶

CVEList

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability↗2025-12-19

▶

🕵️Threat Intelligence

Wiz

CVE-2025-66495 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶