← back
CVE-2026-57253

Foxit PDF Editor/Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

CVSS 6.1 MEDIUMEPSS 0.1%CWE-125
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.1EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
08 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An abnormal image object causes the renderer to enter the wrong processing branch. When converting the scan lines, an invalid image buffer pointer is used, resulting in the application crashing.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H