Multiple vulnerabilities in Foxit products (July 08, 2026)
Multiple vulnerabilities have been discovered in Foxit products. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation, and data confidentiality breaches.
CSIRTS triage
- What
- Multiple vulnerabilities allow attackers to cause remote arbitrary code execution, privilege escalation, and data confidentiality breaches.
- Who is affected
- Users of Foxit products.
- Urgency
- Remediation is critical due to the high risk of exploitation.
- Action
- Users should update to the latest versions of Foxit products.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Foxit products
Get an email when a new Foxit products advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0845/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-572480.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572470.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572500.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572490.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572580.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572520.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-131270.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572430.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-572600.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572410.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
Referenced CVEs
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- high[NEW] [high] Foxit PDF Editor and PDF Reader: Multiple vulnerabilitiescert-bund
- highCVE-2026-57260: The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the …nvd
- mediumCVE-2026-57259: The input file does not need to be strictly in a structurally valid PDF format. Instead, after…nvd
- mediumCVE-2026-57258: The PRC file header parsing logic trusts the constructed file structure description informatio…nvd
- mediumCVE-2026-57257: During the PRC parsing stage, there is a lack of boundary verification for the PRC entity inde…nvd
- highCVE-2026-57256: When the application opens a PDF and executes JavaScript, it performs abnormal operations on t…nvd
- mediumCVE-2026-57255: The application opens a PDF containing an abnormal color space whose attributes reference a va…nvd
- highCVE-2026-57254: There is an abnormal annotation within the PDF that is referenced by other objects. When the a…nvd
- mediumCVE-2026-57253: An abnormal image object causes the renderer to enter the wrong processing branch. When conver…nvd
- highCVE-2026-57252: When the application opens a PDF file, during the process of JavaScript deleting pages and rem…nvd
- highCVE-2026-57251: The application opens a PDF, but the cloud-like appearance of the construction process lacks p…nvd
- highCVE-2026-57250: When the application opens a PDF and JavaScript resets the form fields, the script re-enters t…nvd
More from CERT-FR Avis de sécurité
- unknownMultiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Ubuntu Linux kernel (July 10, 2026)2026-07-10
- unknownMultiple vulnerabilities in Progress MOVEit Transfer (July 10, 2026)2026-07-10
- unknownVulnerability in NetApp ONTAP 9 (July 10, 2026)2026-07-10
- unknownVulnerability in CPython (July 10, 2026)2026-07-10