Primary

Context

pdfforge PDF Architect Remote Code Execution Vulnerability via Malicious XLS Files

Vulnerability

A remote code execution vulnerability has been identified in pdfforge PDF Architect, specifically in the handling of XLS files. This issue arises from insufficient user interface warnings, allowing the execution of harmful scripts without notification. Exploitation of this vulnerability requires user interaction, as the target must open a malicious XLS file.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system, executed in the context of the current user.

Remediation

Users are advised to limit interactions with the product, especially regarding XLS files.

Added: Dec 23, 2025, 10:34 PM

Updated: Dec 23, 2025, 10:34 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.4

remediation

7.9

relevance

1.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

10.0

exploitability

4.4

remediation

7.9

relevance

1.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

pdfforge PDF Architect Remote Code Execution Vulnerability via Malicious XLS Files

Vulnerability

Impact

Remediation

Affected Products

pdfforge PDF Architect

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating