Foxit

Foxit is a widely-used PDF software company, and this high-severity vulnerability (CVSS 7.8) requires local access and user interaction but requires no authentication, potentially allowing an attacker to achieve complete compromise of confidentiality, integrity, and availability on an affected system. The attack vector is local, meaning an attacker would need some level of access to the target machine, but could escalate privileges or damage files without prior credentials. Security teams should monitor for exploitation attempts targeting Foxit products and prepare patches for deployment once the vendor deadline of July 28, 2026 approaches.