CVE-2026-57247
Foxit · Foxit PDF Editor / Foxit PDF Reader
A use-after-free vulnerability in Foxit PDF Editor and Reader occurs when the software incorrectly processes document fields after a page deletion, leading to an illegal memory read.
Executive summary
An illegal memory read vulnerability in Foxit PDF Editor and Reader, resulting from improper field processing, may allow an attacker to crash the application or execute arbitrary code.
Vulnerability
This vulnerability (CWE-416) is triggered when the application re-enters document structures during field processing and attempts to access objects that were previously deleted. An unauthenticated attacker can exploit this by providing a malicious PDF document designed to trigger this specific lifecycle error.
Business impact
This vulnerability presents a high risk to business operations, as it can lead to application crashes (denial of service) or potential remote code execution. With a CVSS score of 7.8, the impact on workstations—where these products are primarily deployed—is significant, necessitating prompt remediation to prevent compromise.
Remediation
Immediate Action: Update to the most recent version of Foxit PDF Editor or Reader as specified in the official vendor security bulletin.
Proactive Monitoring: Monitor for application crashes or logs indicating illegal read operations within the PDF processing component.
Compensating Controls: Ensure that endpoint protection software is configured to detect and prevent memory-based attacks.
Exploitation status
Public Exploit Available: false
Analyst recommendation
The complexity of the document structure processing makes this a sensitive area for security. Administrators must prioritize the deployment of vendor-supplied patches to eliminate this use-after-free risk and maintain the security posture of their environments.