CVE-2026-57253

MEDIUM

Foxit PDF Editor/Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Title source: cna
STIX 2.1

Description

An abnormal image object causes the renderer to enter the wrong processing branch. When converting the scan lines, an invalid image buffer pointer is used, resulting in the application crashing.

References (1)

Core 1

Scores

CVSS v3 6.1
EPSS 0.0011
EPSS Percentile 1.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-125
Status published
Products (4)
Foxit Software Inc./Foxit PDF Editor Versions 13.2.4 and earlier
Foxit Software Inc./Foxit PDF Editor Versions 14.0.4 and earlier
Foxit Software Inc./Foxit PDF Editor Versions 2026.1.1 and earlier
Foxit Software Inc./Foxit PDF Reader Versions 2026.1.1 and earlier
Published Jul 08, 2026
Tracked Since Jul 08, 2026