CVE-2026-57245
Foxit · Foxit PDF Editor / Foxit PDF Reader
A use-after-free vulnerability in Foxit PDF Editor and Reader arises from improper validation of annotation relationships and field combinations during hyperlink processing.
Executive summary
Failure to validate annotation relationships in Foxit PDF Editor and Reader creates a use-after-free vulnerability that could facilitate unauthorized code execution.
Vulnerability
The vulnerability involves a flaw in how the application handles annotation elements related to hyperlinks. An unauthenticated attacker can exploit this via a crafted PDF that triggers an invalid memory operation during the parsing of complex field combinations.
Business impact
The exploitation of this flaw poses a severe risk to organizational security, as it allows for memory corruption that can be leveraged for code execution. Given the CVSS score of 7.8, this issue presents a high risk of system compromise and potential lateral movement if the affected workstation is integrated into a corporate network.
Remediation
Immediate Action: Apply the latest security updates provided by Foxit to resolve the memory validation errors in the annotation processing engine.
Proactive Monitoring: Review security logs for instances of PDF reader instability or unauthorized memory access violations on endpoints.
Compensating Controls: Utilize endpoint detection and response (EDR) solutions to detect and block suspicious exploit attempts involving document parsing.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Immediate patching is necessary to mitigate this high-risk vulnerability. Security teams should ensure that all instances of Foxit PDF software are updated to versions that explicitly address these memory safety concerns.