Changeflow GovPing Data Privacy & Cybersecurity Foxit PDF Editor/Reader Multiple Vulnerabilitie...
Priority review Notice Added Final

Foxit PDF Editor/Reader Multiple Vulnerabilities CVSS 7.8

Favicon for wid.cert-bund.de CERT-Bund Security Advisories
Published
Detected
Email

Summary

CERT-Bund issued a security advisory (WID-SEC-2026-0934) disclosing multiple vulnerabilities in Foxit PDF Editor and Reader affecting Windows, Linux, and UNIX systems prior to version 2026.1. The vulnerabilities carry a CVSS Base Score of 7.8 (high), potentially enabling information disclosure, denial of service, and code execution attacks. Users are advised to update to version 2026.1 to mitigate the risks.

View original document View source feed page

What changed

CERT-Bund published Security Advisory WID-SEC-2026-0934 identifying multiple vulnerabilities in Foxit PDF Editor and Foxit PDF Reader versions earlier than 2026.1. The affected products run on Linux, UNIX, Windows, and other operating systems. The vulnerabilities have a CVSS Base Score of 7.8 (high) and a Temporal Score of 6.8 (medium), with no remote attack vector. The vulnerabilities could allow an unauthenticated attacker to disclose information, cause denial of service, or execute arbitrary code.

Organizations using Foxit PDF Editor or Reader should verify their installed versions and update to version 2026.1 or later to apply available mitigations. No specific compliance deadline is stated. While the advisory is informational rather than a binding regulatory requirement, the vulnerabilities present genuine security risks requiring prompt attention from IT security teams and end users.

What to do next

  1. Inventory all Foxit PDF Editor and Reader installations across the organization
  2. Verify installed versions against the affected threshold (<2026.1)
  3. Update vulnerable installations to version 2026.1 or later

Archived snapshot

Mar 31, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

[WID-SEC-2026-0934] Foxit PDF Editor und Reader: Mehrere Schwachstellen CVSS Base Score 7.8 (hoch) CVSS Temporal Score 6.8 (mittel) Remoteangriff nein Datum 30.03.2026 Stand 31.03.2026 Mitigation ja

Betroffene Systeme

Betriebssystem

  • Linux
  • Sonstiges
  • UNIX
  • Windows

Produktbeschreibung

Foxit PDF Editor ist ein Tool zur Bearbeitung von PDF-Dateien.
Foxit PDF Reader ist ein Programm zur Anzeige von PDF Dateien.

Produkte

30.03.2026
- Foxit PDF Editor <2026.1

  • Foxit PDF Reader <2026.1

Angriff

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Foxit PDF Editor und Foxit PDF Reader ausnutzen, um Informationen offenzulegen, einen Denial of Service zu verursachen oder Code auszuführen. . CVE Informationen Versionshistorie Feedback zum Advisory geben

Related changes

Favicon for wid.cert-bund.de Froxlor Server Management Software Multiple Vulnerabilities CVSS 9.9
Urgent Apr 16, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity
Favicon for wid.cert-bund.de Adobe Connect Multiple Critical Vulnerabilities Allowing Arbitrary Code Execution, CVSS 9.6
Priority review Apr 16, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity
Favicon for wid.cert-bund.de Synology DiskStation Manager Multiple Vulnerabilities CVSS 8.0
Priority review Apr 15, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity

Get daily alerts for CERT-Bund Security Advisories

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for wid.cert-bund.de
CERT-Bund Security Advisories wid.cert-bund.de/content/public/securityAdvisory/rss
Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from CERT-Bund.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

Press inquiries →

Classification

Agency
CERT-Bund
Published
March 30th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor
Document ID
WID-SEC-2026-0934

Who this affects

Applies to
Technology companies Consumers
Industry sector
5112 Software & Technology
Activity scope
Software Vulnerability Management Security Patching
Threshold
Foxit PDF Editor <2026.1; Foxit PDF Reader <2026.1
Geographic scope
Germany DE

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Software Security Data Privacy

Browse Categories

Agriculture & Food Safety 65 AI Regulation 3 Banking & Finance 294 Consumer Protection 46 Courts & Legal 361 Data Privacy & Cybersecurity 76 Defense & National Security 51 Education 22 Energy 100 Environment 86 Environmental & Energy 11 Environmental Regulation 7 Financial Regulation 2 Government & Legislation 279 Government Operations 5 Healthcare 136 Healthcare & Life Sciences 5 Housing 16 Immigration 8 Immigration & Border Control 1 Insurance 58 Labor & Employment 114 Legal & Judicial 9 Pharma & Drug Safety 104 Public Health 2 Real Estate & Housing 3 Sanctions & Export Controls 1 Securities & Investments 1 Securities & Markets 103 Securities Regulation 6 Tax 65 Tax & Revenue 1 Telecom & Technology 47 Trade & Commerce 2 Trade & Sanctions 135 Transportation 60

Get alerts for this source

We'll email you when CERT-Bund Security Advisories publishes new changes.

Free. Unsubscribe anytime.

You're subscribed!