PT-2026-7260 · Artifex · Mupdf
Nmaochea
·
Published
2026-02-10
·
Updated
2026-02-10
·
CVE-2025-15569
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Artifex MuPDF versions up to 1.26.1
Description
An issue exists in Artifex MuPDF up to version 1.26.1 on Windows. The
get system dpi function within the platform/x11/win main.c file is susceptible to an uncontrolled search path manipulation. This requires local access to exploit and is considered to have high complexity with difficult exploitability.Recommendations
Upgrade to version 1.26.2 to resolve this issue.
Fix
LPE
Untrusted Search Path
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mupdf