Primary

Context

Foxit Products Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in Foxit PDF Reader and Foxit PDF Editor. This issue arises when the application fails to validate the presence of required appearance (AP) data in stamp annotations before accessing related resources. As a result, a crafted PDF can trigger a null pointer dereference, causing the application to crash and leading to a denial-of-service condition. This vulnerability affects multiple versions of Foxit PDF Reader and Foxit PDF Editor on Windows and Mac platforms.

Impact

Exploitation of this vulnerability causes the application to crash, leading to a denial-of-service condition.

Remediation

Users can update to Foxit PDF Reader or Foxit PDF Editor version 2026.1 or later. Instructions for updating are available on the Foxit website.

Added: Apr 1, 2026, 2:26 AM

Updated: Apr 1, 2026, 2:26 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Foxit Products Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating