CVE-2025-14420

Name of the Vulnerable Software and Affected Versions pdfforge PDF Architect (affected versions not specified)

Description A flaw exists in the parsing of CBZ files within pdfforge PDF Architect, stemming from insufficient validation of user-supplied paths before their use in file operations. This can allow a remote attacker to execute arbitrary code on affected systems. User interaction is required, specifically the target must open a malicious file or visit a malicious page. The issue was identified as ZDI-CAN-27514.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.