Skip to main content

N A EUVDEUVD-2025-209417

| CVE-2025-69624 HIGH
NULL Pointer Dereference (CWE-476)
2026-04-13 mitre GHSA-rrjx-h7jp-ggmg
7.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 17, 2026 - 15:52 vuln.today
cvss_changed
Analysis Generated
Apr 15, 2026 - 12:30 vuln.today
CVSS changed
Apr 13, 2026 - 20:22 NVD
7.5 (None) 7.5 (HIGH)
EUVD ID Assigned
Apr 13, 2026 - 15:45 euvd
EUVD-2025-209417
Analysis Generated
Apr 13, 2026 - 15:45 vuln.today
CVE Published
Apr 13, 2026 - 00:00 nvd
HIGH 7.5

DescriptionCVE.org

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert(). When app.alert() is called with more than one argument and the first argument evaluates to null (for example, app.alert(app.activeDocs, true) when app.activeDocs is null), the engine routes the call through a fallback path intended for non-string arguments. In this path, js_ValueToString() is invoked on the null value and returns an invalid string pointer, which is then passed to JS_GetStringChars() without validation. Dereferencing this pointer leads to an access violation and application crash when opening a crafted PDF.

AnalysisAI

Nitro PDF Pro 14.41.1.4 for Windows crashes when processing maliciously crafted PDFs that invoke app.alert() with null arguments, causing denial of service through NULL pointer dereference in the JavaScript engine. Remote attackers can deliver weaponized PDF files requiring no authentication or user interaction beyond opening the document (AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis, with EPSS exploitation probability at 0.01% (2nd percentile), indicating low real-world targeting despite theoretical automation potential.

Technical ContextAI

This vulnerability affects the JavaScript engine embedded in Nitro PDF Pro, specifically the implementation of the Document Object Model (DOM) method app.alert(). The flaw occurs in a fallback code path designed to handle non-string arguments passed to app.alert(). When the first argument evaluates to null (such as app.activeDocs in a PDF without active documents), the engine invokes js_ValueToString() on the null value, which returns an invalid string pointer. This invalid pointer is subsequently passed to JS_GetStringChars() without null-check validation, triggering a NULL pointer dereference when the function attempts to access memory at address zero or an unmapped region. The vulnerability is classified as CWE-476 (NULL Pointer Dereference), a common software defect where code fails to validate pointer values before dereferencing them. PDF files can embed JavaScript that executes when the document is opened, making this a vector for automated denial-of-service attacks against users or systems processing untrusted PDFs.

RemediationAI

Organizations running Nitro PDF Pro 14.41.1.4 for Windows should immediately check for vendor security updates at http://nitro.com and apply the latest patched version when available. No vendor-released patch version has been independently confirmed from available data at time of analysis, so users should monitor the Nitro Software security advisory page for official remediation guidance. As an interim mitigation, organizations processing untrusted PDFs should implement sandboxing or isolation technologies to limit crash impact, disable JavaScript execution in PDF processing workflows if business requirements allow, or substitute alternative PDF readers that are not affected by this vulnerability for automated document processing pipelines. Email security gateways and document management systems should add behavioral detection rules to identify and quarantine PDFs containing suspicious app.alert() JavaScript invocations with null arguments. For interactive users, the primary mitigation is user awareness training to avoid opening PDFs from untrusted sources until patches are deployed.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

EUVD-2025-209417 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy