Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
UNC6692 Hackers Deploy SNOW Malware via Microsoft Teams Helpdesk Impersonation
July 9, 2026
Bridging Threat Intelligence to SOC Action: A Guide for Security Teams
July 9, 2026
Foxit PDF Reader & Editor Patches 20 Critical RCE Flaws
July 9, 2026
Home/CyberSecurity News/Foxit PDF Reader & Editor Patches 20 Critical RCE Flaws
CyberSecurity News

Foxit PDF Reader & Editor Patches 20 Critical RCE Flaws

Key Takeaways Foxit has issued an urgent security update addressing 20 critical remote code execution (RCE) vulnerabilities in its PDF Reader and Editor. The flaws affect multiple Windows and macOS...

Emy Elsamnoudy
Emy Elsamnoudy
July 9, 2026 3 Min Read
4 0

Key Takeaways

  • Foxit has issued an urgent security update addressing 20 critical remote code execution (RCE) vulnerabilities in its PDF Reader and Editor.
  • The flaws affect multiple Windows and macOS versions of Foxit PDF Reader and Editor, including older product lines.
  • Many vulnerabilities carry CVSS scores up to 8.2 and can be exploited by opening specially crafted PDF files or through a local privilege escalation in the update mechanism.
  • Users are strongly advised to update immediately to Foxit PDF Reader 2026.1.2 and Foxit PDF Editor 2026.1.2 (or later for Mac) to mitigate significant security risks.

Foxit has released a crucial security patch, addressing a total of 20 remote code execution (RCE) vulnerabilities across its widely used Foxit PDF Reader and Foxit PDF Editor applications. Users are urged to apply these updates without delay to protect their systems.

Table Of Content

  • Key Takeaways
  • Critical Flaws in Foxit PDF Reader and Editor
  • Detailed Vulnerability Breakdown
  • What You Should Do

The comprehensive security release, dated July 8, 2026, targets multiple versions of both products on Windows and macOS platforms. Several of these vulnerabilities are classified as “Important” and could enable arbitrary code execution on affected systems.

The patch resolves a wide array of memory corruption and parsing errors, including common security pitfalls such as use-after-free, out-of-bounds read and write operations, buffer copy errors, type confusion, and improper array index validation.

Many of these critical flaws can be triggered simply by opening a maliciously crafted PDF document. Such malicious files might contain embedded JavaScript, abnormal annotations, malformed page trees, corrupted signature fields, or deceptive XDP content designed to exploit these vulnerabilities.

Beyond document-related risks, Foxit also addressed a local privilege escalation vulnerability within its update mechanism. This particular flaw could allow the update service to load malicious DLLs or executables with elevated privileges during routine update checks, posing a significant system-level exposure.

Critical Flaws in Foxit PDF Reader and Editor

The most severe vulnerabilities outlined in this update could permit an attacker to execute arbitrary code remotely on a victim’s machine merely by having them open a specially crafted PDF. This scenario is particularly dangerous given that PDF readers are frequently exploited targets in sophisticated phishing campaigns.

Depending on the specific flaw and the malicious file content used, some issues could also lead to information disclosure, application crashes, or even privilege escalation, granting attackers greater control over the compromised system.

Several of the addressed vulnerabilities received CVSS scores of 7.8, indicating their high severity. The privilege escalation flaw in the update path, however, was assigned an even higher CVSS score of 8.2, underscoring the critical nature of this security release.

Detailed Vulnerability Breakdown

The following table provides a summary of the patched vulnerabilities:

CVE ID CWE Vulnerability Type Impact
CVE-2026-13126 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-13127 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-13128 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-13129 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57237 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57238 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57240 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57242 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57244 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57245 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57247 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57249 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57250 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57252 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57256 CWE-416 Use After Free Arbitrary/Remote Code Execution
CVE-2026-57246 CWE-120 Buffer Copy without Size Check Arbitrary Code Execution
CVE-2026-57248 CWE-763 Release of Invalid Pointer Arbitrary Code Execution
CVE-2026-57251 CWE-129 Improper Validation of Array Index Arbitrary Code Execution
CVE-2026-57254 CWE-843 Type Confusion Arbitrary Code Execution
CVE-2026-57260 CWE-787 Out-of-Bounds Write Arbitrary Code Execution

Foxit credited multiple researchers and security groups for their contributions in identifying and reporting these issues, including Trend Zero-Day Initiative and Cisco Talos.

The fixes are incorporated into Foxit PDF Reader 2026.1.2 and Foxit PDF Editor 2026.1.2 for Windows. Corresponding updated versions have also been released for Mac users.

A broad range of older Reader and Editor builds across various product lines are identified as vulnerable, including versions 2026.x, 2025.x, 2024.x, 2023.x, 14.x, and specific 13.x builds, depending on the product and operating system.

What You Should Do

  • Update Immediately: Users should update to Foxit PDF Reader 2026.1.2 and Foxit PDF Editor 2026.1.2 for Windows, or the latest corresponding Mac releases, as soon as possible.
  • Utilize In-App Update: The recommended method for updating is through the “Check for Update” option within the application itself.
  • Download Latest Version: Alternatively, users can download the most recent release directly from the official Foxit website.
  • Exercise Caution with Untrusted PDFs: Given that many vulnerabilities are triggered by specially crafted PDF files, avoid opening untrusted PDF documents, especially those received via email or messaging applications, until the update is applied.
  • Prioritize Patching: Security teams should treat this update with urgency, recognizing that PDF readers often serve as a direct attack vector between threat actors and end-users.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEPatchphishingSecurityVulnerabilityzero-day

Share Article

Emy Elsamnoudy

Emy Elsamnoudy

Emy is a cybersecurity analyst and reporter specializing in threat hunting, defense strategies, and industry trends. With expertise in proactive security measures, Emily covers the tools and techniques organizations use to detect and prevent cyber attacks. She is a regular speaker at security conferences and has contributed to industry reports on threat intelligence and security operations. Emily's reporting focuses on helping organizations improve their security posture through practical, actionable insights.

Previous Post

AssuranceAmerica Data Breach Exposes 6.9 Million Driver’s Licenses and Personal Data

Next Post

Bridging Threat Intelligence to SOC Action: A Guide for Security Teams

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Meta’s Muse AI Tool Exposes Instagram User Photos to the Public
July 9, 2026
HalluSquatting Attack Poisons AI Coding Assistants to Install Botnet Malware
July 9, 2026
QR Code Phishing Attacks Steal Credentials and Deliver Malware
July 9, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us