JavaScript Execution Flaw in PDF Application by Foxit
CVE-2026-57256
7.8HIGH
What is CVE-2026-57256?
A flaw exists in the Foxit PDF application where the handling of JavaScript within PDF files can lead to abnormal operations on list box fields. Upon executing embedded JavaScript, the application fails to properly validate form objects and their internal pointers. This oversight allows for illegal pointer readings, resulting in application crashes. After the form is reset, these problematic operations can be repeated, heightening the risk of instability in the application.
Affected Version(s)
Foxit PDF Editor MacOS Versions 2026.1.1 and earlier
Foxit PDF Editor MacOS Versions 14.0.3 and earlier
Foxit PDF Editor Windows Versions 2026.1.1 and earlier
