CVE-2026-5937: Foxit PDF Editor/Reader's insufficient parameter validation leads to denial-of-service vulnerability
Published Apr 27, 2026
·Updated
Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate.
Affected Software
6 affected components
Foxit Foxit PDF Editor
Foxit Foxit PDF Reader
Foxit PDF Editor<13.2.4
Foxit PDF Editor>=14.0.0<14.0.4
Foxit PDF Editor>=2023.0.0<2026.1.1
Foxit PDF Reader<2026.1.1
Event History
Apr 27, 2026
CVE Published
via MITRE·11:00 AM
Data Sourced
via MITRE·11:00 AM
DescriptionSeverityWeakness
Data Sourced
via NVD·12:16 PM
DescriptionSeverityWeaknessAffected Software
Oct 6, 58306
Event
via FIRST·04:00 PM
Frequently Asked Questions
1
What is the severity of CVE-2026-5937?
CVE-2026-5937 is classified as a denial-of-service vulnerability, allowing attackers to terminate the application.
2
How do I fix CVE-2026-5937?
To mitigate CVE-2026-5937, ensure that you are using the latest version of Foxit PDF Editor or Foxit PDF Reader with security patches applied.
3
What software is affected by CVE-2026-5937?
CVE-2026-5937 affects Foxit PDF Editor and Foxit PDF Reader.
4
What type of vulnerability is CVE-2026-5937?
CVE-2026-5937 is a denial-of-service vulnerability caused by insufficient parameter validation.
5
What is the impact of exploiting CVE-2026-5937?
Exploiting CVE-2026-5937 can lead to program termination due to unhandled exceptions.