Primary

Context

pdfforge PDF Architect Insufficient UI Warning Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in pdfforge PDF Architect. This issue arises from the Launch action, where dangerous scripts can be executed without proper user warnings. Exploitation requires user interaction, as the target must open a malicious file or visit a harmful webpage. Once exploited, the arbitrary code runs in the context of the user.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system, with the executed code running under the current user's privileges.

Remediation

Due to the nature of this vulnerability, the primary recommendation is to limit interactions with the product.

Added: Dec 23, 2025, 10:34 PM

Updated: Dec 23, 2025, 10:34 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.4

remediation

7.9

relevance

1.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.4

remediation

7.9

relevance

1.6

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

pdfforge PDF Architect Insufficient UI Warning Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

pdfforge PDF Architect

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating