Insufficient UI Warning in PDFsam Enhanced Allows Remote Code Execution
CVE-2025-14403

7.8HIGH

Key Information:

Vendor: PDFsam
Status: Enhanced
Vendor: CVE Published:; 23 December 2025

What is CVE-2025-14403?

An insufficient user interface warning in PDFsam Enhanced allows remote attackers to execute arbitrary code on affected systems. This vulnerability arises from the implementation of the Launch action, permitting dangerous scripts to be executed without adequate user warnings. To exploit this flaw, an attacker must lure the user into visiting a malicious webpage or opening a compromised file. Once executed, the code runs within the context of the current user's privileges, potentially leading to unauthorized access and manipulation of sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Enhanced 7.0.76.15222

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1091/

x_research-advisory

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 23, 2025
Vulnerability Reserved
Dec 10, 2025

JSON

PDFsam

What is CVE-2025-14403?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.0

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.