Dismissed
(no matching packages found)
Permalink
CVE-2026-57250
7.8 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created & dismissed (no matching packages found) suggestion
Foxit PDF Editor/Reader Form Field Use-After-Free Vulnerability
When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing.
Affected products
Foxit PDF Editor
- ==Versions 13.2.4 and earlier
- ==Versions 13.2.3 and earlier
- ==Versions 2026.1.1 and earlier
- ==Versions 14.0.3 and earlier
- ==Versions 14.0.4 and earlier
Foxit PDF Reader
- ==Versions 2026.1.1 and earlier