CVE-2026-57255

Summary

The application opens a PDF containing an abnormal color space whose attributes reference a valid but semantically malformed function. The function's output is not validated; when subsequently read, it produces an illegal pointer that accesses an out-of-bounds region, crashing the application.

Affected Software

VendorProductVersion RangeStatus
Foxit Software Inc.Foxit PDF EditorVersions 2026.1.1 and earlieraffected
Foxit Software Inc.Foxit PDF EditorVersions 14.0.4 and earlieraffected
Foxit Software Inc.Foxit PDF EditorVersions 13.2.4 and earlieraffected
Foxit Software Inc.Foxit PDF ReaderVersions 2026.1.1 and earlieraffected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References