{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-13129","assignerOrgId":"14984358-7092-470d-8f34-ade47a7658a2","state":"PUBLISHED","assignerShortName":"Foxit","dateReserved":"2026-06-24T03:01:54.524Z","datePublished":"2026-07-08T07:36:30.034Z","dateUpdated":"2026-07-08T13:20:30.258Z"},"containers":{"cna":{"providerMetadata":{"orgId":"14984358-7092-470d-8f34-ade47a7658a2","shortName":"Foxit","dateUpdated":"2026-07-08T07:36:30.034Z"},"title":"Foxit PDF Editor/Reader Annotation Use-After-Free Remote Code Execution Vulnerability","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-416","description":"CWE-416 Use after free","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":"Potential arbitrary code execution"}]}],"affected":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","platforms":["Windows"],"versions":[{"status":"affected","version":"Versions 2026.1.1 and earlier"},{"status":"affected","version":"Versions 14.0.4 and earlier"},{"status":"affected","version":"Versions 13.2.4 and earlier"}],"defaultStatus":"unaffected"},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","platforms":["Windows"],"versions":[{"status":"affected","version":"Versions 2026.1.1 and earlier"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer.","supportingMedia":[{"type":"text/html","base64":false,"value":"When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer."}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"HIGH","baseScore":7.8,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}],"credits":[{"lang":"en","value":"Anonymous working with TrendAI Zero Day Initiative","type":"finder"}],"x_generator":{"engine":"Vulnogram 1.0.2"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-07-08T13:20:17.240504Z","id":"CVE-2026-13129","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-07-08T13:20:30.258Z"}}]}}