CVE-2026-57254
HIGH
7.8
CVSS 3.1
Description
There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash.
Metadata
Severity & Metrics
7.8
HIGH CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Affected products (2)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor | Windows | Versions 2026.1.1 and earlier, Versions 14.0.4 and earlier, Versions 13.2.4 and earlier |
| Foxit Software Inc. | Foxit PDF Reader | Windows | Versions 2026.1.1 and earlier |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-843 | cna | Access of Resource Using Incompatible Type ('Type Confusion') (CWE-843) |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.8 | HIGH | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
References (1)