Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Foxit Software Inc. — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting Foxit Software Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Foxit Software Inc. develops PDF viewing and editing tools widely used in enterprise environments for document management and collaboration. The company’s software has historically been associated with thirty-four recorded Common Vulnerabilities and Exposures, primarily stemming from its complex PDF parsing engine. These vulnerabilities frequently involve remote code execution, buffer overflows, and cross-site scripting, allowing attackers to compromise system integrity or execute arbitrary commands through maliciously crafted documents. Notable security characteristics include the software’s deep integration into Windows systems, which amplifies the impact of privilege escalation flaws. While no single catastrophic incident has defined the company’s public record, the consistent pattern of memory corruption bugs highlights challenges in maintaining robust input validation across diverse document formats. This ongoing vulnerability landscape necessitates rigorous patch management for organizations relying on Foxit’s suite for critical document workflows.

Top products by Foxit Software Inc.: Foxit PDF Editor Foxit PDF Reader pdfonline.foxit.com na1.foxitesign.foxit.com webplugins.foxit.com Foxit PDF Services API
CVE IDTitleCVSSSeverityPublished
CVE-2026-5937 Foxit PDF Editor/Reader's insufficient parameter validation leads to denial-of-service vulnerability — Foxit PDF EditorCWE-248 5.5 Medium2026-04-27
CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability — Foxit PDF EditorCWE-691 5.5 Medium2026-04-27
CVE-2026-5940 Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability — Foxit PDF EditorCWE-416 7.8 High2026-04-27
CVE-2026-5942 Foxit PDF Editor/Reader AcroForm Signature Use-After-Free Vulnerability — Foxit PDF EditorCWE-416 5.5 Medium2026-04-27
CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability — Foxit PDF EditorCWE-416 7.8 High2026-04-27
CVE-2026-5939 UAF in Foxit PDF Editor/Reader via XFA calculate event — Foxit PDF EditorCWE-416 5.5 Medium2026-04-27
CVE-2026-5941 Foxit PDF Editor/Reader AcroForm Signature Remote Code Execution Vulnerability — Foxit PDF EditorCWE-20 7.8 High2026-04-27
CVE-2026-5936 Server-Side Request Forgery (SSRF) via URL Parameter in Foxit PDF Services API — Foxit PDF Services APICWE-918 8.5 High2026-04-13
CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor — Foxit PDF EditorCWE-200 4.7 Medium2026-04-01
CVE-2026-3775 Foxit PDF Editor/Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — Foxit PDF EditorCWE-427 7.8 High2026-04-01
CVE-2026-3776 Null pointer dereference in Foxit PDF Editor/Reader when accessing stamp annotation — Foxit PDF EditorCWE-476 5.5 Medium2026-04-01
CVE-2026-3780 Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation — Foxit PDF ReaderCWE-426 7.3 High2026-04-01
CVE-2026-3778 Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader — Foxit PDF EditorCWE-674 6.2 Medium2026-04-01
CVE-2026-3779 Foxit PDF Editor/Reader List Box Calculate Array Use-After-Free Vulnerability — Foxit PDF EditorCWE-416 7.8 High2026-04-01
CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader — Foxit PDF EditorCWE-416 5.5 Medium2026-04-01
CVE-2026-4947 Insecure Direct Object Reference (IDOR) Leading to Signature Forgery in Foxit eSign — na1.foxitesign.foxit.comCWE-284 7.1 High2026-04-01
CVE-2026-1592 Stored XSS via Create New Layer Field found in Foxit PDF Editor Cloud — pdfonline.foxit.comCWE-79 6.3 Medium2026-02-03
CVE-2026-1591 Stored XSS via Attachments Feature in https://pdfonline.foxit.com/ — pdfonline.foxit.comCWE-79 6.3 Medium2026-02-03
CVE-2025-66523 Reflected Cross-Site Scripting (XSS) Vulnerability in na1.foxitesign.foxit.com via Unsanitized URL Parameters — na1.foxitesign.foxit.comCWE-79 6.1 Medium2026-01-20
CVE-2025-66522 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Digital IDs Common Name Field — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66521 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Trusted Certificates Feature — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66520 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Portfolio SVG Handling — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66519 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Layer Import Functionality — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66502 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in Page Templates Feature — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66501 Foxit pdfonline.foxit.com Stored Cross-Site Scripting in eSign Predefined Text Feature — pdfonline.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66500 Foxit webplugins.foxit.com Stored Cross-Site Scripting via postMessage Vulnerability — webplugins.foxit.comCWE-79 6.3 Medium2025-12-19
CVE-2025-66499 Foxit PDF Reader PDF Parsing Heap-Based Buffer Overflow Remote Code Execution Vulnerability — Foxit PDF ReaderCWE-190 7.8 High2025-12-19
CVE-2025-66498 Foxit PDF Reader 3D Annotation Out-of-Bounds Memory Access Vulnerability — Foxit PDF ReaderCWE-125 5.3 Medium2025-12-19
CVE-2025-66497 Foxit PDF Reader 3D Annotation Out-of-Bounds Memory Access Vulnerability — Foxit PDF ReaderCWE-125 5.3 Medium2025-12-19
CVE-2025-66496 Foxit PDF Reader 3D Annotation Out-of-Bounds Memory Access Vulnerability — Foxit PDF ReaderCWE-125 5.3 Medium2025-12-19

This page lists every published CVE security advisory associated with Foxit Software Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.