CVE-2025-14412

Name of the Vulnerable Software and Affected Versions Soda PDF Desktop (affected versions not specified)

Description A flaw exists in Soda PDF Desktop related to the handling of XLS files. The software allows the execution of dangerous scripts without providing a warning to the user. This could allow a remote attacker to execute arbitrary code on a vulnerable system, operating with the privileges of the current user. User interaction is required, such as visiting a malicious page or opening a malicious file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.