[NEW] [high] Foxit PDF Editor and PDF Reader: Multiple vulnerabilities
A remote, anonymous attacker can exploit multiple vulnerabilities in Foxit PDF Editor and Foxit PDF Reader to escalate privileges, cause a denial of service, execute code, and disclose information.
CSIRTS triage
- What
- Multiple vulnerabilities allow a remote attacker to escalate privileges, cause denial of service, execute code, and disclose information.
- Who is affected
- Users of Foxit PDF Editor and PDF Reader are affected.
- Urgency
- Remediation is urgent due to the high severity and potential for exploitation.
- Action
- Update to the latest version of Foxit PDF Editor and PDF Reader.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Foxit PDF Editor and PDF Reader
Get an email when a new Foxit PDF Editor and PDF Reader advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2241
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-131260.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-131270.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-131280.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-131290.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572370.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572380.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572390.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-572400.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-572410.11% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-572420.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
Referenced CVEs
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- highCVE-2026-57260: The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the …nvd
- mediumCVE-2026-57259: The input file does not need to be strictly in a structurally valid PDF format. Instead, after…nvd
- mediumCVE-2026-57258: The PRC file header parsing logic trusts the constructed file structure description informatio…nvd
- mediumCVE-2026-57257: During the PRC parsing stage, there is a lack of boundary verification for the PRC entity inde…nvd
- highCVE-2026-57256: When the application opens a PDF and executes JavaScript, it performs abnormal operations on t…nvd
- mediumCVE-2026-57255: The application opens a PDF containing an abnormal color space whose attributes reference a va…nvd
- highCVE-2026-57254: There is an abnormal annotation within the PDF that is referenced by other objects. When the a…nvd
- mediumCVE-2026-57253: An abnormal image object causes the renderer to enter the wrong processing branch. When conver…nvd
- highCVE-2026-57252: When the application opens a PDF file, during the process of JavaScript deleting pages and rem…nvd
- highCVE-2026-57251: The application opens a PDF, but the cloud-like appearance of the construction process lacks p…nvd
- highCVE-2026-57250: When the application opens a PDF and JavaScript resets the form fields, the script re-enters t…nvd
- highCVE-2026-57249: After the application opened the PDF file, the script first reset the annotation status, then …nvd
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10