Foxit Ai
Monthly
Arbitrary code execution in Foxit AI (versions before 2026-06-15) occurs when the application processes JavaScript embedded in a PDF inside its sandbox but fails to intercept dangerous interfaces, permitting remote script loading. A user must open a malicious PDF for exploitation to succeed, and no public exploit identified at time of analysis with EPSS at only 0.13%. SSVC reports total technical impact but no observed exploitation.
Arbitrary code execution in Foxit AI (versions before 2026-06-15) occurs when the application processes JavaScript embedded in a PDF inside its sandbox but fails to intercept dangerous interfaces, permitting remote script loading. A user must open a malicious PDF for exploitation to succeed, and no public exploit identified at time of analysis with EPSS at only 0.13%. SSVC reports total technical impact but no observed exploitation.