Foxit PDF Editor <=2026.1.1 Crash via JS Form Reset Deref
CVE-2026-57244 Published on July 8, 2026
Foxit PDF Editor/Reader Form Control Use-After-Free Vulnerability
After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash.
Vulnerability Analysis
CVE-2026-57244 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2026-57244 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2026-57244
Want to know whenever a new CVE is published for Foxit Software Pdf Editor? stack.watch will email you.
Affected Versions
Foxit Software Inc. Foxit PDF Editor:- Version Versions 2026.1.1 and earlier is affected.
- Version Versions 14.0.4 and earlier is affected.
- Version Versions 13.2.4 and earlier is affected.
- Version Versions 2026.1.1 and earlier is affected.
- Version Versions 14.0.3 and earlier is affected.
- Version Versions 13.2.3 and earlier is affected.
- Version Versions 2026.1.1 and earlier is affected.