CVE-2025-69627

Name of the Vulnerable Software and Affected Versions Nitro PDF Pro for Windows version 14.41.1.4

Description A heap use-after-free issue exists in the implementation of the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated and freed prematurely, but the freed pointer is still passed to UI and logging helper functions. Consequently, routines such as wcscmp() may process invalid or stale pointers, which can lead to access violations and non-deterministic crashes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.