Out-of-Bounds Read Vulnerability in Investintech SlimPDFReader
CVE-2026-13522

5.3MEDIUM

Key Information:

Vendor

Investintech

Status
SlimPDFreader
Vendor
CVE Published:
29 June 2026

What is CVE-2026-13522?

An out-of-bounds read vulnerability has been identified in Investintech SlimPDFReader, specifically within the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 found in the SlimPDFReader.exe component. This issue can be exploited remotely and poses a significant security risk to users of versions up to 2.0.14. As the affected products are no longer supported by the maintainer, it is crucial for users to take immediate action to mitigate potential threats associated with this vulnerability.

Affected Version(s)

SlimPDFReader 2.0.0

SlimPDFReader 2.0.1

SlimPDFReader 2.0.2

References

https://vuldb.com/vuln/374530
vdb-entrytechnical-description
https://vuldb.com/vuln/374530/cti
signaturepermissions-required
https://vuldb.com/cve/CVE-2026-13522
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

jonzab (VulDB User)
VulDB Vulnerability Moderation Team
.