CVE-2026-5938

Summary

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.

Affected Software

VendorProductVersion RangeStatus
Foxit Software Inc.Foxit PDF EditorVersions 2026.1 and earlieraffected
Foxit Software Inc.Foxit PDF EditorVersions 14.0.3 and earlieraffected
Foxit Software Inc.Foxit PDF EditorVersions 13.2.3 and earlieraffected
Foxit Software Inc.Foxit PDF ReaderVersions 2026.1 and earlieraffected

Weaknesses

  • CWE-691: Insufficient Control Flow Management (CWE-691)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References