CVE-2026-57251

Foxit · Foxit PDF Editor and Foxit PDF Reader

An improper array index validation vulnerability in Foxit PDF Editor and Reader allows attackers to trigger memory corruption via a malicious PDF with improper cloud-like construction parameters.

Executive summary

An improper input validation vulnerability in Foxit PDF software may allow an attacker to cause memory corruption and potential code execution by crafting a malicious PDF file.

Vulnerability

This vulnerability (CWE-129) occurs because the application fails to enforce upper limits and consistency checks during the construction process of cloud-like annotations in a PDF. An unauthenticated attacker can exploit this by enticing a user to open a specially crafted document.

Business impact

Exploitation of this vulnerability could lead to arbitrary code execution or a denial-of-service state. Given the CVSS score of 7.8, this poses a high risk to business operations, as successful exploitation could compromise workstation security and sensitive data accessible to the user.

Remediation

Immediate Action: Apply the latest security updates released by Foxit to patch this index validation flaw.

Proactive Monitoring: Review security logs for anomalous application behavior or frequent crashes occurring when users open PDF files.

Compensating Controls: Utilize endpoint security software to block the execution of suspicious files and enforce the use of protected view modes for untrusted PDFs.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability highlights the need for strict input validation in document processing software. Organizations should ensure that all Foxit software installations are updated to the latest secure versions to prevent potential exploitation.