Vulnerability in PDF Viewer Software by Foxit
CVE-2026-57238

7.8HIGH

Key Information:

Vendor

Foxit Inc.

Vendor
CVE Published:
8 July 2026

What is CVE-2026-57238?

A vulnerability in Foxit's PDF software occurs when a PDF document is opened and JavaScript code executes, resulting in the deletion of a form field object. Following this action, any attempt to access the now-invalid object causes the application to crash, potentially disrupting user access and impacting productivity. It is crucial for users to stay informed about this issue to mitigate risks effectively.

Affected Version(s)

Foxit PDF Editor Windows Versions 2026.1.1 and earlier

Foxit PDF Editor Windows Versions 14.0.4 and earlier

Foxit PDF Editor Windows Versions 13.2.4 and earlier

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Anonymous working with TrendAI Zero Day Initiative
.