cvebase

Foxit PDF Reader vulnerabilities

310 known vulnerabilities affecting foxit/pdf_reader.

Total CVEs: 310
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 239, MEDIUM 38, LOW 30

Vulnerabilities

Page 1 of 16
CVE-2026-5941 | HIGH | CVSS 7.1 | fixed in 2026.1.1 | 2026-04-27
CWE-20: Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.
nvd
CVE-2026-5943 | HIGH | CVSS 7.8 | fixed in 2026.1.1 | 2026-04-27
CWE-416: Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.
nvd
CVE-2026-5938 | MEDIUM | CVSS 5.5 | fixed in 2026.1.1 | 2026-04-27
CWE-691: Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.
nvd
CVE-2026-5937 | MEDIUM | CVSS 5.5 | fixed in 2026.1.1 | 2026-04-27
CWE-248: Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate.
nvd
CVE-2026-5940 | MEDIUM | CVSS 5.5 | fixed in 2026.1.1 | 2026-04-27
CWE-416: Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
nvd
CVE-2026-5942 | MEDIUM | CVSS 5.5 | fixed in 2026.1.1 | 2026-04-27
CWE-416: Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program.
nvd
CVE-2026-5939 | MEDIUM | CVSS 5.5 | fixed in 2026.1.1 | 2026-04-27
CWE-416: A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.
nvd
CVE-2026-3774 | HIGH | CVSS 7.5 | ≤ 2025.3.0.35737 | 2026-04-01
CWE-200: The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to update form fields, annotations, or optional content groups (OCGs) immediately before or after redaction, encryption, or printing. These script-driven updates are not fully covered by the existing redaction, encryption, and printing logic, which, under speci
nvd
CVE-2026-3780 | HIGH | CVSS 7.8 | ≤ 2025.3.0.35737 | 2026-04-01
CWE-426: The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalat
nvd
CVE-2026-3779 | HIGH | CVSS 7.8 | ≤ 2025.3.0.35737, ≤ 2025.3.0.69570 | 2026-04-01
CWE-416: The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution.
nvd
CVE-2025-66499 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197, ≤ 2025.2.1.69005 | 2025-12-19
CWE-190: A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-13941 | HIGH | CVSS 8.8 | ≤ 2025.2.1.33197 | 2025-12-19
CWE-732: A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which are later executed by the service, resulting in executio
nvd
CVE-2025-66498 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197 | 2025-12-19
CWE-125: A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66495 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197, ≤ 2025.2.1.69005 | 2025-12-19
CWE-416: A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-66497 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197, ≤ 2025.2.1.69005 | 2025-12-19
CWE-125: A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66493 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197 | 2025-12-19
CWE-416: A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1, 14.0.1 and 13.2.1 on Windows. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary
nvd
CVE-2025-66496 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197 | 2025-12-19
CWE-125: A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.
nvd
CVE-2025-66494 | HIGH | CVSS 7.8 | ≤ 2025.2.1.33197 | 2025-12-19
CWE-416: A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.
nvd
CVE-2025-55313 | HIGH | CVSS 7.8 | ≤ 2025.1.0.27937, ≤ 2025.1.0.66692 | 2025-12-11
CWE-94: An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after assigning an extremely large value to a form field's charLimit property via Java
nvd
CVE-2025-55314 | HIGH | CVSS 7.8 | ≤ 2025.1.0.27937 | 2025-12-11
CWE-476: An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lea
nvd