Foxit CVEs & Vulnerabilities

8 CVEs affecting Foxit products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

pdf reader 7pdf editor 7ai 1
CVE-2026-12057HIGH

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.

15 Jun 2026
7.8
CVSS
CVE-2026-5943HIGH

Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.

27 Apr 2026
7.8
CVSS
CVE-2026-5942MEDIUM

Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program.

27 Apr 2026
5.5
CVSS
CVE-2026-5941HIGH

Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.

27 Apr 2026
7.1
CVSS
CVE-2026-5940MEDIUM

Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.

27 Apr 2026
5.5
CVSS
CVE-2026-5939MEDIUM

A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.

27 Apr 2026
5.5
CVSS
CVE-2026-5938MEDIUM

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.

27 Apr 2026
5.5
CVSS
CVE-2026-5937MEDIUM

Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate.

27 Apr 2026
5.5
CVSS
← PrevPage 1 / 1Next →