Known Vulnerabilities for products from Foxit
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Foxit".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-3778 json | The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages an... | Not Provided | 2026-04-01 | 2026-04-14 |
| CVE-2026-3777 json | The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes... | Not Provided | 2026-04-01 | 2026-04-14 |
| CVE-2026-3776 json | The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. ... | Not Provided | 2026-04-01 | 2026-04-14 |
| CVE-2026-3775 json | The application's update service, when checking for updates, loads certain system libraries from a search path that includes ... | Not Provided | 2026-04-01 | 2026-04-14 |
| CVE-2026-3774 json | The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to update form fields, annotati... | Not Provided | 2026-04-01 | 2026-04-10 |
| CVE-2025-66523 json | URL parameters are directly embedded into JavaScript code or HTML attributes without proper encoding or sanitization. This al... | Not Provided | 2026-01-20 | 2026-04-09 |
| CVE-2025-49419 json | Not Provided | 2025-06-06 | 2026-04-01 | |
| CVE-2023-33876 json | A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted ... | 8.8 - HIGH | 2023-07-19 | 2023-09-15 |
| CVE-2023-33866 json | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By pre... | 8.8 - HIGH | 2023-07-19 | 2023-07-26 |
| CVE-2023-33240 json | Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 a... | 7.8 - HIGH | 2023-05-19 | 2023-05-26 |
| CVE-2023-32664 json | A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Spec... | 7.8 - HIGH | 2023-07-19 | 2023-09-15 |
| CVE-2023-28744 json | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specia... | 8.8 - HIGH | 2023-07-19 | 2023-07-26 |
| CVE-2023-27379 json | A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By pre... | 8.8 - HIGH | 2023-07-19 | 2023-07-26 |
| CVE-2022-47881 json | Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability. | 6.5 - MEDIUM | 2023-01-18 | 2023-01-25 |
| CVE-2022-43649 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.124... | 7.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-43641 json | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12... | 7.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-43640 json | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 12... | 5.5 - MEDIUM | 2023-03-29 | 2023-04-06 |
| CVE-2022-43639 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.124... | 7.8 - HIGH | 2023-03-29 | 2023-04-06 |
| CVE-2022-43638 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.124... | 7.8 - HIGH | 2023-03-29 | 2023-04-10 |
| CVE-2022-43637 json | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.1.124... | 7.8 - HIGH | 2023-03-29 | 2023-04-06 |