CVE-2026-57253 PUBLISHED

Foxit PDF Editor/Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Assigner: Foxit
Reserved: 24.06.2026 Published: 08.07.2026 Updated: 08.07.2026

An abnormal image object causes the renderer to enter the wrong processing branch. When converting the scan lines, an invalid image buffer pointer is used, resulting in the application crashing.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVSS Score: 6.1

Product Status

Vendor Foxit Software Inc.
Product Foxit PDF Editor
Versions Default: unaffected
  • Version Versions 2026.1.1 and earlier is affected
  • Version Versions 14.0.4 and earlier is affected
  • Version Versions 13.2.4 and earlier is affected
Vendor Foxit Software Inc.
Product Foxit PDF Reader
Versions Default: unaffected
  • Version Versions 2026.1.1 and earlier is affected

Credits

  • Anonymous working with TrendAI Zero Day Initiative finder

References

Problem Types

  • CWE-125 Out-of-bounds read CWE

Impacts

  • Information Disclosure