CVE-2026-5941

Summary

Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.

Affected Software

VendorProductVersion RangeStatus
Foxit Software Inc.Foxit PDF EditorVersions 2026.1 and earlieraffected
Foxit Software Inc.Foxit PDF EditorVersions 14.0.3 and earlieraffected
Foxit Software Inc.Foxit PDF ReaderVersions 2026.1 and earlieraffected

Weaknesses

  • CWE-20: CWE-20 Improper input validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References