Pdf-Xchange Editor vulnerabilities
289 known vulnerabilities affecting pdf-xchange/pdf-xchange_editor.
Total CVEs
289
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH166MEDIUM106LOW17
Vulnerabilities
Page 1 of 15
CVE-2026-2040HIGHCVSS 7.3v10.7.2.4002026-02-20
CVE-2026-2040 [HIGH] CWE-427 CVE-2026-2040: PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnera
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
cvelistv5nvd
CVE-2025-64086HIGHCVSS 7.5v10.7.3.4012025-12-09
CVE-2025-64086 [HIGH] CWE-476 CVE-2025-64086: A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Edi
A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.
nvd
CVE-2025-64085HIGHCVSS 7.5v10.7.3.4012025-12-09
CVE-2025-64085 [HIGH] CWE-476 CVE-2025-64085: A NULL pointer dereference vulnerability in the importDataObject() function of PDF-XChange Editor v1
A NULL pointer dereference vulnerability in the importDataObject() function of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.
nvd
CVE-2025-58113MEDIUMCVSS 6.5v10.7.3.4012025-12-02
CVE-2025-58113 [MEDIUM] CWE-125 CVE-2025-58113: An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChan
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
nvd
CVE-2025-27931MEDIUMCVSS 6.5v10.5.2.3952025-08-05
CVE-2025-27931 [MEDIUM] CWE-125 CVE-2025-27931: An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
nvd
CVE-2025-47152MEDIUMCVSS 6.5v10.6.0.3962025-08-05
CVE-2025-47152 [MEDIUM] CWE-125 CVE-2025-47152: An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChan
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
nvd
CVE-2025-6647HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6647 [HIGH] CWE-787 CVE-2025-6647: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
cvelistv5nvd
CVE-2025-6660HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6660 [HIGH] CWE-122 CVE-2025-6660: PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.
PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The s
cvelistv5nvd
CVE-2025-6661HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6661 [HIGH] CWE-416 CVE-2025-6661: PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability
PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exis
cvelistv5nvd
CVE-2025-6654HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6654 [HIGH] CWE-787 CVE-2025-6654: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
cvelistv5nvd
CVE-2025-6651HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6651 [HIGH] CWE-787 CVE-2025-6651: PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
cvelistv5nvd
CVE-2025-6644HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6644 [HIGH] CWE-416 CVE-2025-6644: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
cvelistv5nvd
CVE-2025-6640HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6640 [HIGH] CWE-416 CVE-2025-6640: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
cvelistv5nvd
CVE-2025-6659HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6659 [HIGH] CWE-787 CVE-2025-6659: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specifi
cvelistv5nvd
CVE-2025-6645HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6645 [HIGH] CWE-416 CVE-2025-6645: PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnera
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific fla
cvelistv5nvd
CVE-2025-6642HIGHCVSS 7.8v10.5.2.3952025-06-25
CVE-2025-6642 [HIGH] CWE-125 CVE-2025-6642: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vul
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific
cvelistv5nvd
CVE-2025-6646LOWCVSS 3.3v10.5.2.3952025-06-25
CVE-2025-6646 [LOW] CWE-416 CVE-2025-6646: PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulner
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The spec
cvelistv5nvd
CVE-2025-6662LOWCVSS 3.3v10.5.2.3952025-06-25
CVE-2025-6662 [LOW] CWE-125 CVE-2025-6662: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
cvelistv5nvd
CVE-2025-6658LOWCVSS 3.3v10.5.2.3952025-06-25
CVE-2025-6658 [LOW] CWE-125 CVE-2025-6658: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
cvelistv5nvd
CVE-2025-6656LOWCVSS 3.3v10.5.2.3952025-06-25
CVE-2025-6656 [LOW] CWE-125 CVE-2025-6656: PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vu
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The
cvelistv5nvd
1 / 15Next →