CVE-2026-8733
MEDIUMInvestintech SlimPDFReader SlimPDFReader.exe sub_3B4610 stack-based overflow
Title source: cnaDescription
A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor responded to the initial vulnerability report by the researcher with a note that the product is discontinued. This vulnerability only affects products that are no longer supported by the maintainer.
References (4)
Core 4
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-364321 | Investintech SlimPDFReader SlimPDFReader.exe sub_3B4610 stack-based overflow
https://vuldb.com/vuln/364321
Signature, Permissions Required signature
permissions-required
VDB-364321 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/364321/cti
Third Party Advisory third-party-advisory
Submit #809300 | Investintech SlimPDFReader 2.0.14 Stack overflow (Infinite Recursion)
https://vuldb.com/submit/809300
Exploit exploit
https://sharing.sit.fraunhofer.de/s/RYcqZbGqgZXxab2
Scores
CVSS v3
6.3
EPSS
0.0026
EPSS Percentile
17.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
CWE-121
Status
published
Products (14)
Investintech/SlimPDFReader
2.0.0
Investintech/SlimPDFReader
2.0.1
Investintech/SlimPDFReader
2.0.10
Investintech/SlimPDFReader
2.0.11
Investintech/SlimPDFReader
2.0.12
Investintech/SlimPDFReader
2.0.13
Investintech/SlimPDFReader
2.0.2
Investintech/SlimPDFReader
2.0.3
Investintech/SlimPDFReader
2.0.4
Investintech/SlimPDFReader
2.0.5
... and 4 more
Published
May 17, 2026
Tracked Since
May 17, 2026