CVE-2026-57251
Foxit · Foxit PDF Editor and Foxit PDF Reader
An improper array index validation vulnerability in Foxit PDF Editor and Reader allows attackers to trigger memory corruption via a malicious PDF with improper cloud-like construction parameters.
Executive summary
An improper input validation vulnerability in Foxit PDF software may allow an attacker to cause memory corruption and potential code execution by crafting a malicious PDF file.
Vulnerability
This vulnerability (CWE-129) occurs because the application fails to enforce upper limits and consistency checks during the construction process of cloud-like annotations in a PDF. An unauthenticated attacker can exploit this by enticing a user to open a specially crafted document.
Business impact
Exploitation of this vulnerability could lead to arbitrary code execution or a denial-of-service state. Given the CVSS score of 7.8, this poses a high risk to business operations, as successful exploitation could compromise workstation security and sensitive data accessible to the user.
Remediation
Immediate Action: Apply the latest security updates released by Foxit to patch this index validation flaw.
Proactive Monitoring: Review security logs for anomalous application behavior or frequent crashes occurring when users open PDF files.
Compensating Controls: Utilize endpoint security software to block the execution of suspicious files and enforce the use of protected view modes for untrusted PDFs.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability highlights the need for strict input validation in document processing software. Organizations should ensure that all Foxit software installations are updated to the latest secure versions to prevent potential exploitation.