Description
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.
Published: 2026-04-27
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Immediately
AI Analysis

Impact

The vulnerability arises from inconsistencies between page element relationships and internal indexing in Foxit PDF Editor and Reader. When a PDF containing script-initiated modifications is opened, object references can become invalid while page metadata queries continue, leading to a use‑after‑free that can trigger a crash. According to the CVE title, an attacker may be able to coerce the application into executing arbitrary code, although the raw description only documents a crash.

Affected Systems

The affected Foxit Software Inc. products are Foxit PDF Editor and Foxit PDF Reader. No specific version information is listed, implying that all releases that support AcroForm annotation processing are susceptible. This includes both the free and paid editions distributed through the Foxit support portal.

Risk and Exploitability

The CVSS score of 7.8 reflects a high severity. The EPSS score of less than 1 percent suggests that exploitation is currently unlikely but not impossible. The vulnerability is not in CISA's KEV catalog, and no official patch is listed, so users should proceed with caution. The most likely attack vector is delivery through a malicious PDF document that a user opens locally or via email, which could trigger the use‑after‑free and potentially lead to malicious code execution if an attacker crafts a payload to exploit the crash.

Generated by OpenCVE AI on April 28, 2026 at 04:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Foxit PDF Editor/Reader patch once available and install any interim security updates.
  • Disable or limit JavaScript execution in PDF settings to prevent script-triggered modifications; consider turning off AcroForm processing if not required.
  • If a patch is not yet available, isolate PDF handling applications in a sandboxed environment and only open documents from trusted sources.
  • Employ a PDF scanner or sandbox that detects anomalies in page structures before rendering, providing an additional layer of defense.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared: Foxit; Foxit pdf Editor; Foxit pdf Reader
CPEs: cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*; cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
Vendors & Products: Foxit; Foxit pdf Editor; Foxit pdf Reader

Tue, 28 Apr 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared: Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader
Vendors & Products: Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader

Mon, 27 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 11:30:00 +0000

Type Values Removed Values Added
Description: Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information queries.
Title: Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
Weaknesses: CWE-416
References
Metrics: cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: Foxit

Published:

Updated: 2026-04-28T03:55:23.507Z

Reserved: 2026-04-09T03:42:20.240Z

Link: CVE-2026-5943

Vulnrichment

Updated: 2026-04-27T13:40:20.491Z

NVD

Status: Analyzed

Published: 2026-04-27T12:16:24.717

Modified: 2026-04-29T17:18:04.043

Link: CVE-2026-5943

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T08:30:13Z

Weaknesses