Signature Spoofing in Foxit PDF Editor and Reader
CVE-2025-59802

7.5 HIGH

Key Information:

Vendor: Foxit
CVE Published: 11 December 2025

What is CVE-2025-59802?

Foxit PDF Editor and Reader versions prior to 2025.2.1 are vulnerable to a signature spoofing flaw that exploits Optional Content Groups (OCG). This vulnerability allows malicious actors to change the visibility of OCG content in a signed PDF document after it has been signed without invalidating the digital signature. As a result, the content displayed to the user can differ from what was originally signed, which severely undermines the integrity and trust of the digital signature. Users are encouraged to update to fixed versions to mitigate this risk.
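A triage check for signed PDFs that carry optional content, given here as an added example; it is not code from Foxit or from this advisory. It assumes the post-signing change arrives as bytes appended after the signed /ByteRange (the advisory does not describe the mechanism), and the names `triage_signed_pdf` and `constructed_sample` are hypothetical.

```python
import re

# /ByteRange [o1 l1 o2 l2]: the two byte spans the signature digest covers.
BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
# Names that introduce or configure Optional Content Groups (layers).
OC_NAMES = re.compile(rb"/(?:OCProperties|OCGs|OCG|OCMD)\b")

def triage_signed_pdf(data: bytes) -> dict:
    """Flag signed PDFs whose unsigned tail mentions optional content.

    Heuristic only: names inside compressed object streams are not seen,
    so a clean result does not prove the file is unmodified.
    """
    ends = [int(m.group(3)) + int(m.group(4)) for m in BYTE_RANGE.finditer(data)]
    if not ends:
        return {"signed": False, "verdict": "not-signed"}
    tail = data[max(ends):]          # bytes that no signature covers
    has_oc = bool(OC_NAMES.search(data))
    oc_in_tail = bool(OC_NAMES.search(tail))
    if oc_in_tail:
        verdict = "review: optional content touched after signing"
    elif has_oc:
        verdict = "note: signed document uses optional content"
    else:
        verdict = "ok"
    return {"signed": True, "unsigned_tail_bytes": len(tail.strip()),
            "has_optional_content": has_oc, "oc_in_unsigned_tail": oc_in_tail,
            "verdict": verdict}

def constructed_sample(modified: bool) -> bytes:
    """Build a tiny PDF-like byte string (constructed, not a real document)."""
    body = b"%PDF-1.7\n1 0 obj << /OCProperties << /OCGs [5 0 R] >> >> endobj\n"
    sig = b"2 0 obj << /Type /Sig /ByteRange [0 %010d %010d %010d] >> endobj\n%%%%EOF\n"
    total = len(body) + len(sig % (0, 0, 0))
    signed = body + sig % (len(body), total - 10, 10)   # second span ends at EOF
    if modified:  # bytes appended after the signed revision
        signed += b"1 0 obj << /OCProperties << /D << >> >> >> endobj\n%%EOF\n"
    return signed

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, triage_signed_pdf(constructed_sample(flag)))
```

A "review" verdict is a reason to open the file in a patched viewer and compare layer states against the signed revision; it is not proof of tampering, since legitimate incremental saves also append bytes.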

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
