PT-2026-35404 · Foxit · Foxit Pdf Reader+1

Published

2026-04-27

Updated

2026-04-27

CVE-2026-5942

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Foxit PDF Reader (affected versions not specified) Foxit PDF Editor (affected versions not specified)

Description Flaws in page lifecycle management allow document structure changes to desynchronize internal component states. This leads to a use-after-free condition, where subsequent operations access invalidated objects, potentially causing the program to crash, allowing the execution of arbitrary code, or resulting in the disclosure of confidential information. This issue specifically relates to AcroForm Signature processing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-06114

CVE-2026-5942

ZDI-26-303

Affected Products

Foxit Pdf Editor

Foxit Pdf Reader

PT-2026-35404 · Foxit · Foxit Pdf Reader+1

CVE-2026-5942

Weakness Enumeration

Related Identifiers

Affected Products

References · 6