Vulnerabilities in Foxit Software Inc.
35 resultsCVE-2026-3779HIGHFoxit PDF Editor/Reader List Box Calculate Array Use-After-Free VulnerabilityEPSS 0.3%CVE-2025-66493HIGHFoxit PDF Reader AcroForm Use-After-Free Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-66495HIGHFoxit PDF Reader Annotation Use-After-Free Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-66494HIGHFoxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution VulnerabilityEPSS 0.3%CVE-2025-66499HIGHFoxit PDF Reader PDF Parsing Heap-Based Buffer Overflow Remote Code Execution VulnerabilityEPSS 0.3%CVE-2026-3775HIGHFoxit PDF Editor/Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-1591MEDIUMStored XSS via Attachments Feature in https://pdfonline.foxit.com/EPSS 0.2%CVE-2026-1592MEDIUMStored XSS via Create New Layer Field found in Foxit PDF Editor CloudEPSS 0.2%CVE-2026-5936HIGHServer-Side Request Forgery (SSRF) via URL Parameter in Foxit PDF Services APIEPSS 0.2%CVE-2026-5942MEDIUMFoxit PDF Editor/Reader AcroForm Signature Use-After-Free VulnerabilityEPSS 0.2%CVE-2026-5943HIGHFoxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution VulnerabilityEPSS 0.2%CVE-2025-66498MEDIUMFoxit PDF Reader 3D Annotation Out-of-Bounds Memory Access VulnerabilityEPSS 0.2%CVE-2025-66496MEDIUMFoxit PDF Reader 3D Annotation Out-of-Bounds Memory Access VulnerabilityEPSS 0.2%CVE-2025-66497MEDIUMFoxit PDF Reader 3D Annotation Out-of-Bounds Memory Access VulnerabilityEPSS 0.2%CVE-2026-4947HIGHInsecure Direct Object Reference (IDOR) Leading to Signature Forgery in Foxit eSignEPSS 0.2%CVE-2025-66500MEDIUMFoxit webplugins.foxit.com Stored Cross-Site Scripting via postMessage VulnerabilityEPSS 0.2%CVE-2026-5941HIGHFoxit PDF Editor/Reader AcroForm Signature Remote Code Execution VulnerabilityEPSS 0.2%CVE-2026-5940HIGHFoxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution VulnerabilityEPSS 0.2%CVE-2025-13941HIGHFoxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-66523MEDIUMReflected Cross-Site Scripting (XSS) Vulnerability in na1.foxitesign.foxit.com via Unsanitized URL ParametersEPSS 0.2%