Browse all 6 CVE security advisories affecting pdfforge. AI-powered Chinese analysis, POCs, and references for each vulnerability.
pdfforge develops PDF creation and conversion software, primarily serving users needing document manipulation tools. Historically, its products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure design. The software's frequent handling of untrusted content increases exposure to exploitation. While no major public security incidents have been widely documented, the presence of six CVEs indicates ongoing security considerations. Users should maintain current versions and apply patches promptly, as the nature of PDF processing inherently involves risks when handling potentially malicious files.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14421 | pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — PDF ArchitectCWE-125 | 5.5AI | MediumAI | 2025-12-23 |
| CVE-2025-14420 | pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution Vulnerability — PDF ArchitectCWE-22 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2025-14419 | pdfforge PDF Architect PDF File Parsing Memory Corruption Remote Code Execution Vulnerability — PDF ArchitectCWE-119 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2025-14418 | pdfforge PDF Architect XLS File Insufficient UI Warning Remote Code Execution Vulnerability — PDF ArchitectCWE-356 | 7.8AI | HighAI | 2025-12-23 |
| CVE-2025-14417 | pdfforge PDF Architect Launch Insufficient UI Warning Remote Code Execution Vulnerability — PDF ArchitectCWE-356 | 8.8AI | HighAI | 2025-12-23 |
| CVE-2025-14416 | pdfforge PDF Architect DOC File Insufficient UI Warning Remote Code Execution Vulnerability — PDF ArchitectCWE-356 | 7.8AI | HighAI | 2025-12-23 |
This page lists every published CVE security advisory associated with pdfforge. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.