CVE-2026-5940
HIGH
7,8
Source: 14984358-7092-470d-8f34-ade47a7658a2
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
AI Translation Available
Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
416
Use After Free
StableCommon Consequences
Security Scopes Affected:
Integrity
Availability
Confidentiality
Potential Impacts:
Modify Memory
Dos: Crash, Exit, Or Restart
Read Memory
Execute Unauthorized Code Or Commands
Applicable Platforms
Languages:
C, C++, Memory-Unsafe
Application
Pdf Editor by Foxit
Version Range Affected
To
13.2.4
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Pdf Editor by Foxit
Version Range Affected
From
14.0.0
(inclusive)
To
14.0.4
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Pdf Reader by Foxit
Version Range Affected
To
2026.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Pdf Editor by Foxit
Version Range Affected
From
2023.0.0
(inclusive)
To
2026.1.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.foxit.com/support/security-bulletins.html