Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Soda PDF — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Soda PDF. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Soda PDF is a document management solution primarily used for creating, editing, and converting PDF files. Historically, the application has been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often through improper input validation and insecure deserialization. Privilege escalation vulnerabilities have also been documented, allowing unauthorized access to system resources. The software's security posture has been marked by consistent vulnerability disclosures, with 10 CVEs currently on record, highlighting ongoing security challenges in its handling of file parsing and user inputs.

Top products by Soda PDF: Desktop
CVE IDTitleCVSSSeverityPublished
CVE-2025-14414 Soda PDF Desktop Word File Insufficient UI Warning Remote Code Execution Vulnerability — DesktopCWE-356 7.8AIHighAI2025-12-23
CVE-2025-14415 Soda PDF Desktop Launch Insufficient UI Warning Remote Code Execution Vulnerability — DesktopCWE-356 8.8AIHighAI2025-12-23
CVE-2025-14413 Soda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability — DesktopCWE-22 7.8AIHighAI2025-12-23
CVE-2025-14412 Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability — DesktopCWE-356 7.8AIHighAI2025-12-23
CVE-2025-14411 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DesktopCWE-125 5.5AIMediumAI2025-12-23
CVE-2025-14410 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DesktopCWE-125 5.5AIMediumAI2025-12-23
CVE-2025-14409 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability — DesktopCWE-787 7.8AIHighAI2025-12-23
CVE-2025-14408 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — DesktopCWE-125 5.5AIMediumAI2025-12-23
CVE-2025-14407 Soda PDF Desktop PDF File Parsing Memory Corruption Information Disclosure Vulnerability — DesktopCWE-119 5.5AIMediumAI2025-12-23
CVE-2025-14406 Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability — DesktopCWE-427 7.8AIHighAI2025-12-23

This page lists every published CVE security advisory associated with Soda PDF. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.