Out-of-Bounds Read Vulnerability in Foxit Product
CVE-2026-57257

6.1MEDIUM

Key Information:

Vendor

Foxit Inc.

Vendor
CVE Published:
8 July 2026

What is CVE-2026-57257?

A vulnerability exists in the PRC parsing stage of Foxit Software, where inadequate boundary verification for the PRC entity index allows for an out-of-bounds read of the entity array. This security flaw can lead to unexpected application crashes, potentially impacting user experience and data integrity. It is crucial for users to investigate and apply necessary patches to their affected Foxit products to mitigate risk.

Affected Version(s)

Foxit PDF Editor MacOS Versions 2026.1.1 and earlier

Foxit PDF Editor MacOS Versions 14.0.3 and earlier

Foxit PDF Editor MacOS Versions 13.2.3 and earlier

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Liang Zhu
.