CVE-2026-13522: Out-of-Bounds Read in Investintech SlimPDFReader
An out-of-bounds read vulnerability exists in Investintech SlimPDFReader versions 2.0.0 through 2.0.14 in the PDF File Handler component. The flaw occurs in the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 and can be triggered remotely. The product is no longer supported by the vendor. The vulnerability has a medium severity score of 5.3 and does not have an official patch or remediation available.
AI Analysis
Technical Summary
CVE-2026-13522 is an out-of-bounds read vulnerability in Investintech SlimPDFReader affecting versions 2.0.0 to 2.0.14. The issue is located in the PDF File Handler component, specifically in the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0. This flaw can be triggered remotely without privileges or user interaction, leading to potential information disclosure or application instability. The product is no longer maintained, and no official fix or patch has been published by the vendor.
Potential Impact
Successful exploitation of this vulnerability could allow an attacker to read memory outside the intended bounds, potentially leading to information disclosure or application crashes. Since the product is unsupported, no vendor-provided fixes exist, increasing the risk for users who continue to run affected versions.
Mitigation Recommendations
No official fix or patch is available as the product is no longer supported by the vendor. Users are advised to discontinue use of affected versions (2.0.0 through 2.0.14) of SlimPDFReader or isolate the application to reduce exposure. Monitor for any unofficial patches or updates from trusted third parties, but verify their authenticity before deployment.
CVSS v4.0
Score: 5.3 (medium)
Affected software
cpe:2.3:a:investintech:slimpdfreader:*:*:*:*:*:*:*:*
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-06-28T07:44:22.927Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a41cc3727e9c79719fca703
Added to database: 06/29/2026, 01:36:55 UTC
Last enriched: 06/29/2026, 01:51:24 UTC
Last updated: 06/29/2026, 03:49:46 UTC