Memory Corruption Vulnerability in Foxit PDF and Editor for Windows
CVE-2025-55312

7.8HIGH

Key Information:

Vendor: Foxit Software
Status: Foxit PDF and Editor
Vendor: CVE Published:; 11 December 2025

🔔 Create Foxit Software Vulnerability Alert

What is CVE-2025-55312?

A vulnerability has been identified in Foxit PDF and Editor for Windows that manifests when pages are deleted via JavaScript. This action can prevent the application from correctly updating its internal states, leading to subsequent annotation management operations relying on these invalid states. Such conditions may result in memory corruption and application crashes, thereby creating opportunities for attackers to execute arbitrary code, potentially compromising system security.

References

https://www.foxit.com/support/security-bulletins.html

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Aug 12, 2025

JSON