CVE-2026-30287

HIGH

ACE Scanner PDF Scanner 1.4.5 - File Overwrite

Title source: llm

Description

An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

References (4)

https://secsys.fudan.edu.cn/

https://deepthought.industries/

https://play.google.com/store/apps/details?id=pdfscanner.scan.pdf.scanner.free

https://github.com/Secsys-FDU/AF_CVEs/issues/16

Scores

CVSS v3 8.4

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-73

Status published

Products (1)

deepthought.industries/ace_scanner 1.4.5

Published Apr 01, 2026

Tracked Since Apr 01, 2026