CVE-2026-13522

MEDIUM

Investintech SlimPDFReader PDF File SlimPDFReader.exe TeighaDo+0x25cde0 out-of-bounds

Title source: cna
STIX 2.1

Description

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.

References (4)

Core 4
Core References
Signature, Permissions Required signature permissions-required
VDB-374530 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/374530/cti
Third Party Advisory third-party-advisory
CVE-2026-13522 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-13522
Third Party Advisory third-party-advisory
Submit #839637 | Investintech SlimPDFReader 2.0.14 Out-of-bounds read
https://vuldb.com/submit/839637
Vdb Entry, Technical Description vdb-entry technical-description
VDB-374530 | Investintech SlimPDFReader PDF File SlimPDFReader.exe TeighaDo+0x25cde0 out-of-bounds
https://vuldb.com/vuln/374530

Scores

CVSS v3 4.3
EPSS 0.0029
EPSS Percentile 21.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-119 CWE-125
Status published
Products (15)
Investintech/SlimPDFReader 2.0.0
Investintech/SlimPDFReader 2.0.1
Investintech/SlimPDFReader 2.0.10
Investintech/SlimPDFReader 2.0.11
Investintech/SlimPDFReader 2.0.12
Investintech/SlimPDFReader 2.0.13
Investintech/SlimPDFReader 2.0.14
Investintech/SlimPDFReader 2.0.2
Investintech/SlimPDFReader 2.0.3
Investintech/SlimPDFReader 2.0.4
... and 5 more
Published Jun 29, 2026
Tracked Since Jun 29, 2026