Dismissed
(no matching packages found)
Permalink
CVE-2026-57238
7.8 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created & dismissed (no matching packages found) suggestion
Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability
After the application opened the PDF, JavaScript deleted the form field object. Subsequently, it attempted to access the invalid object, which caused the application to crash.
Affected products
Foxit PDF Editor
- ==Versions 13.2.4 and earlier
- ==Versions 14.0.4 and earlier
- ==Versions 2026.1.1 and earlier
Foxit PDF Reader
- ==Versions 2026.1.1 and earlier