Primary

Context

Nitro PDF Pro Signer Information Vulnerability

Vulnerability

Patched

A vulnerability exists in Nitro PDF Pro for Windows, prior to version 14.42.0.34, where the application may display signer information from an unverified PDF field instead of the verified certificate subject. This issue can lead to inconsistencies in signer details within documents. The display logic has been updated in version 14.42.0.34 to ensure that signer information accurately reflects the verified certificate identity.

Impact

This vulnerability could cause documents to present conflicting signer information, potentially leading to misrepresentation in legal or official contexts where accurate signature details are crucial.

Remediation

Users can upgrade to Nitro PDF Pro for Windows version 14.42.0.34 to address this vulnerability.

Added: Jan 8, 2026, 7:49 PM

Updated: Jan 8, 2026, 7:49 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.4

remediation

7.7

relevance

1.8

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.4

remediation

7.7

relevance

1.8

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nitro PDF Pro Signer Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Nitro PDF Pro

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating