7.8
CVE-2026-57260
- EPSS 0.12%
- Veröffentlicht 08.07.2026 07:35:55
- Zuletzt bearbeitet 09.07.2026 11:32:15
- Quelle 14984358-7092-470d-8f34-ade47a
- CVE-Watchlists
- Unerledigt
Security vulnerability in Foxit PDF Editor/Reader — U3D Adobe Mesh Decompression (Type Confusion / Invalid Pointer Dereference)
The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the application incorrectly resolved a portion of the abnormal object as a pointer and used it as a valid address, ultimately causing the application to crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Foxit ≫ Pdf Editor Version <= 13.2.4.24048
Foxit ≫ Pdf Editor Version >= 14.0.0.33046 <= 14.0.4.33508
Foxit ≫ Pdf Editor Version >= 2023.1.0.15510 <= 2023.3.0.23028
Foxit ≫ Pdf Editor Version >= 2024.1.0.23997 <= 2024.4.1.27687
Foxit ≫ Pdf Editor Version >= 2025.1.0.27937 <= 2025.3.0.35737
Foxit ≫ Pdf Editor Version >= 2026.1.0.36452 <= 2026.1.1.36485
Foxit ≫ Pdf Reader Version <= 2026.1.1.36485
Foxit ≫ Pdf Editor Version <= 13.2.3.63444
Foxit ≫ Pdf Editor Version >= 14.0.0.68868 <= 14.0.3.69295
Foxit ≫ Pdf Editor Version >= 2023.1.0.55583 <= 2023.3.0.63083
Foxit ≫ Pdf Editor Version >= 2024.1.0.63682 <= 2024.4.1.66479
Foxit ≫ Pdf Editor Version >= 2025.1.0.66692 <= 2025.3.0.69570
Foxit ≫ Pdf Editor Version >= 2026.1.0.70169 <= 2026.1.1.70276
Foxit ≫ Pdf Reader Version <= 2026.1.1.70276
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.019 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 14984358-7092-470d-8f34-ade47a7658a2 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://www.foxit.com/support/security-bulletins.html