Foxit Products Use-After-Free Vulnerability Leading to Potential Arbitrary Code Execution

Vulnerability

A use-after-free vulnerability has been identified in multiple Foxit products for Windows, including Foxit PDF Reader and Foxit PDF Editor. The vulnerability arises when the application mishandles certain document elements, such as XFA files or annotation objects, which allows access to invalidated objects. Exploitation of this flaw could result in program crashes and, in some cases, unauthorized code execution.

Impact

Exploitation of this vulnerability could cause the application to crash and potentially allow for the execution of arbitrary code.

Remediation

Users can update to the latest versions of Foxit PDF Reader or Foxit PDF Editor. Instructions for updating are available on the Foxit website.

Added: Apr 27, 2026, 12:22 PM
Updated: Apr 27, 2026, 12:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 3.6
remediation: 0.0
relevance: 6.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.