CVE-2025-51966

Name of the Vulnerable Software and Affected Versions uTools versions through 7.1.1

Description A cross-site scripting (XSS) issue exists in the PDF preview functionality. When a user previews a specially crafted PDF file, embedded JavaScript code executes within the application’s privileged context, potentially allowing attackers to steal sensitive data or perform unauthorized actions.

Recommendations Update uTools to a version newer than 7.1.1.