CVE-2026-57257
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
08/07/2026
Last modified:
09/07/2026
Description
During the PRC parsing stage, there is a lack of boundary verification for the PRC entity index, which leads to an out-of-bounds read of the entity array. As a result, the application crashes.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 13.2.4.24048 (including) | |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 14.0.0.33046 (including) | 14.0.4.33508 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2023.1.0.15510 (including) | 2023.3.0.23028 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2024.1.0.23997 (including) | 2024.4.1.27687 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2025.1.0.27937 (including) | 2025.3.0.35737 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2026.1.0.36452 (including) | 2026.1.1.36485 (including) |
| cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:* | 2026.1.1.36485 (including) | |
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 13.2.3.63444 (including) | |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 14.0.0.68868 (including) | 14.0.3.69295 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2023.1.0.55583 (including) | 2023.3.0.63083 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2024.1.0.63682 (including) | 2024.4.1.66479 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2025.1.0.66692 (including) | 2025.3.0.69570 (including) |
| cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* | 2026.1.0.70169 (including) | 2026.1.1.70276 (including) |
| cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:* | 2026.1.1.70276 (including) |
To consult the complete list of CPE names with products and versions, see this page



