SB2026040147 - Multiple vulnerabilities in Foxit PDF Editor and Reader for Mac

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2026-3776)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to null pointer dereference in stamp annotation handling when opening PDFs missing the appearance (AP) entry. A remote attacker can trick the victim into opening a specially crafted PDF file to cause a denial of service.

2) Use-after-free (CVE-ID: CVE-2026-3777)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to use-after-free in JavaScript handling when processing certain PDF documents. A remote attacker can trick the victim into opening a specially crafted PDF to execute arbitrary code.

3) Use-after-free (CVE-ID: CVE-2026-3779)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to use-after-free in document handling when processing certain PDFs with JavaScript. A remote attacker can trick the victim into opening a specially crafted PDF to execute arbitrary code.

4) Uncontrolled Recursion (CVE-ID: CVE-2026-3778)

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to uncontrolled recursion in object reference handling when processing PDFs with cyclic references. A remote attacker can trick the victim into opening a specially crafted PDF file to cause a stack overflow and crash the application.

Remediation

Install update from vendor's website.

References

• https://www.foxitsoftware.com/support/security-bulletins.html?Security+updates+available+in+Foxit+PDF+Editor+for+Mac+2026.1%2F14.0.3%2F13.2.3+and+Foxit+PDF+Reader+for+Mac+2026.12026-03-31+00%3A00%3A00