Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.
AnalysisAI
Modal dialog reentry vulnerability in Foxit PDF Editor and Reader allows local attackers to trigger UI freeze and denial of service by supplying a crafted PDF document with a malicious action chain, requiring user interaction to open the file. The vulnerability stems from improper control flow management in document action handling and results in application unresponsiveness on the main thread. No public exploit code or active exploitation has been identified at the time of analysis.
Technical ContextAI
The vulnerability exists in the document action chain processing mechanism within Foxit PDF Editor and Reader. PDF documents support action chains that define sequences of operations triggered by user interaction or document events; these actions are processed on the application's main UI thread. The root cause is classified as CWE-691 (Improper Control Flow Management), indicating that the application fails to properly guard against recursive or re-entrant calls to modal dialog display functions. When a specially crafted action chain causes a modal dialog to be re-entered while already active, the event loop becomes blocked, causing the UI to freeze. This is a common vulnerability class in applications that use synchronous modal dialogs without adequate re-entrancy guards.
RemediationAI
Contact Foxit Software for a patched version of Foxit PDF Editor or PDF Reader. Foxit's security bulletins are available at https://www.foxit.com/support/security-bulletins.html and should be consulted for the specific fixed version and availability timeline. As a compensating control prior to patching, restrict the opening of PDF documents from untrusted sources and disable document action execution if your PDF viewer supports that setting (this may limit PDF functionality). Additionally, disable auto-open features for PDFs received via email or downloaded from the internet. Users should update as soon as patched versions are released by Foxit; the vendor's bulletin should be monitored for release announcements.
More in Foxit Pdf Editor
View allUse-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor lets a crafted PDF containing JavaScript trigg
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1/14.0.4 and earlier) allows
Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Re
Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a
Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attack
Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the
Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4
Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attac
Memory-corruption (buffer overflow) in Foxit PDF Reader and Foxit PDF Editor arises when the digital-signature plugin pr
Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embe
Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application
Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-st
Same weakness CWE-691 – Insufficient Control Flow Management
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25824