Description
Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.
Published: 2026-04-27
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from faulty parsing of form field hierarchies in Foxit PDF Editor and Reader, where non‑signature data is incorrectly treated as valid signatures. This misidentification leads to invalid memory writes during internal data structure construction, which can result in program crashes or even the execution of arbitrary code if an attacker can influence the memory write patterns. The weakness is a classic input validation error, classified as CWE‑20.

Affected Systems

Foxit Software’s PDF Editor and PDF Reader products are affected. No specific version information is supplied in the CNA data; the vulnerability applies to all editions of these products until corrected by an update.

Risk and Exploitability

With a CVSS score of 7.8 the issue is considered high severity. The EPSS score is less than 1%, indicating a low probability of widespread exploitation at present, and it is not included in the CISA KEV catalog. The likely attack vector is a crafted PDF file that a victim opens locally. If an attacker can host or send such a file, the flaw could compromise the targeted machine, potentially allowing execution of attacker‑supplied code on the system where the PDF is viewed.

Generated by OpenCVE AI on April 29, 2026 at 21:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Foxit PDF Editor and Reader to the latest releases that include the parsing fix.
  • After installing the updates, restart the applications to ensure the altered parsing logic takes effect.
  • While awaiting the patch, avoid opening PDF documents from unknown or untrusted sources as a temporary safeguard.

Generated by OpenCVE AI on April 29, 2026 at 21:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Foxit
Foxit pdf Editor
Foxit pdf Reader
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
Vendors & Products Foxit
Foxit pdf Editor
Foxit pdf Reader

Tue, 28 Apr 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Foxitsoftware
Foxitsoftware foxit Pdf Editor
Foxitsoftware foxit Reader
Vendors & Products Foxitsoftware
Foxitsoftware foxit Pdf Editor
Foxitsoftware foxit Reader

Mon, 27 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 11:30:00 +0000

Type Values Removed Values Added
Description Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.
Title Foxit PDF Editor/Reader AcroForm Signature Remote Code Execution Vulnerability
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Foxit Pdf Editor Pdf Reader
Foxitsoftware Foxit Pdf Editor Foxit Reader
cve-icon MITRE

Status: PUBLISHED

Assigner: Foxit

Published:

Updated: 2026-04-28T03:55:25.754Z

Reserved: 2026-04-09T03:42:15.877Z

Link: CVE-2026-5941

cve-icon Vulnrichment

Updated: 2026-04-27T13:40:22.551Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-27T12:16:24.487

Modified: 2026-04-29T17:24:15.870

Link: CVE-2026-5941

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-29T21:45:20Z

Weaknesses