CVE-2026-57258
MEDIUM
6.1
CVSS 3.1
Description
The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes.
Metadata
Severity & Metrics
6.1
MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Affected products (3)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor | Windows | Versions 2026.1.1 and earlier, Versions 14.0.4 and earlier, Versions 13.2.4 and earlier |
| Foxit Software Inc. | Foxit PDF Editor | MacOS | Versions 2026.1.1 and earlier, Versions 14.0.3 and earlier, Versions 13.2.3 and earlier |
| Foxit Software Inc. | Foxit PDF Reader | Windows,MacOS | Versions 2026.1.1 and earlier |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-125 | cna | CWE-125 Out-of-bounds read |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 6.1 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H |
References (1)