Foxit Products Use-After-Free Vulnerability in XFA PDF Processing Allowing Arbitrary Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Foxit PDF Reader and Foxit PDF Editor. It arises when the application processes certain XFA PDFs, leading to a crash and potentially allowing arbitrary code execution. During calculation event processing of the crafted XFA PDF, the application accesses invalid objects or pointers that have already been deleted, without properly validating them first.

Impact

Exploitation of this vulnerability causes the application to crash and could lead to arbitrary code execution.

Remediation

Users can update to Foxit PDF Reader 2026.1.1 or Foxit PDF Editor 2026.1.1/14.0.4. Instructions for updating are available on the Foxit website. For Mac users, version 2026.1 of Foxit PDF Editor and Foxit PDF Reader has also been released and addresses this vulnerability.
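
To help prioritise documents for review while the update is being deployed, the following added example (not code from Foxit or from this advisory) flags PDFs that carry an XFA form containing calculation scripts, the document feature named in the vulnerability description. It assumes the XFA template uses the standard `<calculate>` element; `triage_pdf` and `build_sample` are hypothetical names, the sample bytes are constructed, and a hit only means the feature is present, not that the file is malicious.

```python
import re
import zlib

# Heuristic patterns; a full PDF parser is out of scope for this triage sketch.
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)endstream", re.DOTALL)
XFA_KEY_RE = re.compile(rb"/XFA\b")
CALC_RE = re.compile(rb"<calculate[\s/>]")  # XFA template element holding a calculation script
MAX_INFLATE = 8 * 1024 * 1024  # cap output to resist decompression bombs


def _unescape_names(data: bytes) -> bytes:
    """Decode #xx escapes so a name written as /X#46A still reads as /XFA."""
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def _inflate(data: bytes) -> bytes:
    """Inflate a Flate stream; fall back to the raw bytes if it is not zlib data."""
    try:
        return zlib.decompressobj().decompress(data, MAX_INFLATE)
    except zlib.error:
        return data


def triage_pdf(pdf: bytes) -> dict:
    """Report whether a PDF carries an XFA form and how many <calculate> elements it holds."""
    bodies = [_inflate(m.group(1)) for m in STREAM_RE.finditer(pdf)]
    # /XFA may sit in the plain body or inside a compressed object stream.
    has_xfa = any(XFA_KEY_RE.search(_unescape_names(b)) for b in [pdf, *bodies])
    calc = sum(len(CALC_RE.findall(b)) for b in bodies)
    return {"has_xfa": has_xfa, "calculate_elements": calc, "review": has_xfa and calc > 0}


def build_sample(xml: bytes, with_xfa: bool = True) -> bytes:
    """Constructed PDF-like bytes for the demo; not a complete, valid PDF."""
    z = zlib.compress(xml)
    form = b"/AcroForm << /XFA 2 0 R >> " if with_xfa else b""
    return (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog " + form + b">>\nendobj\n"
            b"2 0 obj\n<< /Filter /FlateDecode /Length " + str(len(z)).encode()
            + b" >>\nstream\n" + z + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    xml = b"<template><field name='total'><calculate><script>1 + 1</script></calculate></field></template>"
    print(triage_pdf(build_sample(xml)))
```

The stream matching is a byte-level heuristic, so files using other stream filters or encryption need a real PDF parser before the result can be trusted.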

Added: Apr 27, 2026, 12:23 PM
Updated: Apr 27, 2026, 12:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 3.6
remediation: 0.0
relevance: 6.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.