CVE-2026-13128
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Foxit Software Inc. | Foxit PDF Editor | Versions 2026.1.1 and earlier | affected |
| Foxit Software Inc. | Foxit PDF Reader | Versions 2026.1.1 and earlier | affected |
Weaknesses
- CWE-416: CWE-416 Use after free
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.