Skip to main content

Foxit Pdf Editor CVE-2026-3779

| EUVDEUVD-2026-17759 HIGH
Use After Free (CWE-416)
2026-04-01 Foxit
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Re-analysis Queued
Apr 28, 2026 - 14:22 vuln.today
cvss_changed
EUVD ID Assigned
Apr 01, 2026 - 01:45 euvd
EUVD-2026-17759
Analysis Generated
Apr 01, 2026 - 01:45 vuln.today
CVE Published
Apr 01, 2026 - 01:40 nvd
HIGH 7.8

DescriptionCVE.org

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution.

AnalysisAI

Use-after-free in Foxit PDF Reader and Editor allows arbitrary code execution when processing maliciously crafted PDF documents containing list box calculation arrays. The vulnerability (CVSS 7.8) occurs when stale references to deleted or re-created page/form objects persist in calculation logic, enabling local attackers to execute code with user privileges when victims open weaponized PDFs. No public exploit identified at time of analysis, though the memory corruption primitive is well-understood by exploit developers.

Technical ContextAI

This vulnerability stems from improper lifecycle management of JavaScript calculation arrays associated with PDF form list box objects in Foxit's rendering engine. When PDF documents programmatically delete or re-create page or form objects while list box calculations reference them, the calculation engine retains dangling pointers to freed memory regions. Classified as CWE-416 (Use After Free), this memory safety issue allows the calculation logic to dereference freed heap objects during subsequent operations. Affects both Foxit PDF Reader (cpe:2.3:a:foxit_software_inc.:foxit_pdf_reader) and Foxit PDF Editor (cpe:2.3:a:foxit_software_inc.:foxit_pdf_editor), suggesting the shared component is the JavaScript runtime or form field calculation engine used across both products. Use-after-free vulnerabilities in PDF readers are particularly dangerous because PDFs support complex scripting capabilities and object graphs that can precisely manipulate memory state.

RemediationAI

Organizations should immediately consult Foxit's security bulletin at https://www.foxit.com/support/security-bulletins.html to identify the specific patched versions for their deployed products. Vendor-released patch availability is indicated in the security bulletin, though exact remediated version numbers are not specified in the intelligence data provided. As an interim mitigation until patching is complete, organizations can deploy application control policies to block JavaScript execution in PDF documents through Foxit's preferences (Edit > Preferences > JavaScript > Enable JavaScript), though this may break legitimate form functionality. Additional defense-in-depth measures include restricting PDF file sources through email gateway filtering, deploying endpoint detection and response solutions configured to detect heap spray and ROP chain behaviors typical of use-after-free exploitation, and educating users to avoid opening PDF attachments from untrusted sources. Given the local attack vector requiring user interaction, security awareness training significantly reduces exploitation probability.

CVE-2026-57240 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor lets a crafted PDF containing JavaScript trigg

CVE-2026-13126 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1/14.0.4 and earlier) allows

CVE-2026-13127 HIGH
7.8 Jul 08

Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Re

CVE-2026-13128 HIGH
7.8 Jul 08

Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a

CVE-2026-13129 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attack

CVE-2026-57238 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the

CVE-2026-57242 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4

CVE-2026-57245 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attac

CVE-2026-57246 HIGH
7.8 Jul 08

Memory-corruption (buffer overflow) in Foxit PDF Reader and Foxit PDF Editor arises when the digital-signature plugin pr

CVE-2026-57248 HIGH
7.8 Jul 08

Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embe

CVE-2026-57249 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application

CVE-2026-57251 HIGH
7.8 Jul 08

Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-st

Share

CVE-2026-3779 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy