CVE-2025-63917

HIGH

PDFPatcher < 1.1.3.4663 - XML External Entity Injection via Bookmark Import

Title source: llm

Description

PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem, exfiltrate sensitive data via out-of-band (OOB) HTTP requests, perform SSRF attacks against internal network resources, or cause a denial of service via entity expansion attacks.

References (3)

Core 3

Core References

Exploit, Third Party Advisory

https://github.com/cydtseng/Vulnerability-Research/blob/main/pdfpatcher/XXE-Importers.md

View Exploit ZIP pw:eip

Product

https://github.com/wmjordan/PDFPatcher

Product

https://www.cnblogs.com/pdfpatcher

Scores

CVSS v3 7.1

EPSS 0.0032

EPSS Percentile 24.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-611

Status published

Products (1)

cnblogs/pdfpatcher < 1.1.3.4663

Published Nov 17, 2025

Tracked Since Feb 18, 2026