Known Vulnerabilities for Nitro Pro by Gonitro

Listed below are 10 of the newest known vulnerabilities associated with "Nitro Pro" by "Gonitro".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2025-69627 json Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript meth... Not Provided 2026-04-13 2026-04-14
CVE-2025-69624 json Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app... Not Provided 2026-04-13 2026-04-13
CVE-2025-66769 json A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a ... Not Provided 2026-04-13 2026-04-13
CVE-2021-21798 json An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A spe... 7.8 - HIGH 2021-09-15 2022-10-25
CVE-2021-21797 json An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted docume... 7.8 - HIGH 2021-10-18 2022-05-13
CVE-2021-21796 json An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted doc... 7.8 - HIGH 2021-10-18 2022-05-13
CVE-2020-10223 json npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnot... 8.1 - HIGH 2020-03-08 2020-03-09
CVE-2020-10222 json npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF ... 8.1 - HIGH 2020-03-08 2021-07-21
CVE-2020-6146 json An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. W... 8.8 - HIGH 2020-09-16 2022-05-12
CVE-2020-6116 json An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2... 7.8 - HIGH 2020-09-17 2022-05-12
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationGonitroNitro Pro9.5.4.22
ApplicationGonitroNitro Pro9.0.7.5
ApplicationGonitroNitro Pro8.5.7.3
ApplicationGonitroNitro Pro8.1.1.12
ApplicationGonitroNitro Pro8.0.10.9
ApplicationGonitroNitro Pro7.5.0.29
ApplicationGonitroNitro Pro7.4.1.24
ApplicationGonitroNitro Pro7.3.1.10
ApplicationGonitroNitro Pro7.2.0.15
ApplicationGonitroNitro Pro7.0.2.8
ApplicationGonitroNitro Pro13.9.1.155
ApplicationGonitroNitro Pro13.33.2.645
ApplicationGonitroNitro Pro13.31.0.605
ApplicationGonitroNitro Pro13.30.2.587
ApplicationGonitroNitro Pro13.29.2.566
ApplicationGonitroNitro Pro13.26.3.505
ApplicationGonitroNitro Pro13.24.1.467
ApplicationGonitroNitro Pro13.22.0.414
ApplicationGonitroNitro Pro13.2.6.26
ApplicationGonitroNitro Pro13.2
Results limited to 20 most recent known configurations
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report