Nitro PDF Pro NULL Pointer Dereference Vulnerability in JavaScript app.alert() Function

Vulnerability

A NULL pointer dereference vulnerability has been identified in Nitro PDF Pro for Windows, version 14.41.1.4. The issue arises in the JavaScript implementation of the app.alert() function. When app.alert() is invoked with multiple arguments, and the first argument is null (such as when app.activeDocs is null), the JavaScript engine redirects the call through a fallback intended for non-string arguments. This fallback invokes js_ValueToString() on the null value, which returns an invalid string pointer. This pointer is then passed to JS_GetStringChars() without proper validation, leading to a dereferencing of the pointer that causes an access violation and crashes the application. The vulnerability can be exploited by opening a specially crafted PDF that triggers this behavior.

Impact

Exploitation of this vulnerability causes an access violation, leading to a crash of the Nitro PDF Pro application.

Added: Apr 13, 2026, 6:18 PM

Updated: Apr 13, 2026, 6:18 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.2

remediation

0.0

relevance

5.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.2

remediation

0.0

relevance

5.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nitro PDF Pro NULL Pointer Dereference Vulnerability in JavaScript app.alert() Function

Vulnerability

Impact

Affected Products

Nitro PDF Pro

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating