CVE-2026-3779: CWE-416 Use after free in Foxit Software Inc. Foxit PDF Editor
CVE-2026-3779 is a use-after-free vulnerability in Foxit PDF Editor affecting versions 2025. 3 and earlier, 14. 0. 2 and earlier, and 13. 2. 2 and earlier. The issue arises because the application's list box calculation logic retains stale references to page or form objects after they have been deleted or recreated. This flaw can be triggered by specially crafted documents, potentially leading to arbitrary code execution when the calculation runs. The vulnerability has a high severity with a CVSS score of 7. 8.
AI Analysis
Technical Summary
This vulnerability involves a use-after-free condition in Foxit PDF Editor's list box calculation array logic. Specifically, the application keeps references to page or form objects that have been deleted or recreated, which can be exploited by crafted PDF documents to trigger execution of freed memory. This can result in arbitrary code execution under user interaction (UI required) with low attack complexity and no privileges required. The vulnerability affects multiple versions of Foxit PDF Editor up to 2025.3, 14.0.2, and 13.2.2. No official patch or remediation details are currently available.
Potential Impact
Successful exploitation of this vulnerability can lead to arbitrary code execution with high impact on confidentiality, integrity, and availability. The attacker must convince the user to open a malicious document and interact with it. There are no known public exploits at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when opening PDF documents from untrusted sources and consider applying any available vendor workarounds once announced.
CVE-2026-3779: CWE-416 Use after free in Foxit Software Inc. Foxit PDF Editor
Description
CVE-2026-3779 is a use-after-free vulnerability in Foxit PDF Editor affecting versions 2025. 3 and earlier, 14. 0. 2 and earlier, and 13. 2. 2 and earlier. The issue arises because the application's list box calculation logic retains stale references to page or form objects after they have been deleted or recreated. This flaw can be triggered by specially crafted documents, potentially leading to arbitrary code execution when the calculation runs. The vulnerability has a high severity with a CVSS score of 7. 8.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves a use-after-free condition in Foxit PDF Editor's list box calculation array logic. Specifically, the application keeps references to page or form objects that have been deleted or recreated, which can be exploited by crafted PDF documents to trigger execution of freed memory. This can result in arbitrary code execution under user interaction (UI required) with low attack complexity and no privileges required. The vulnerability affects multiple versions of Foxit PDF Editor up to 2025.3, 14.0.2, and 13.2.2. No official patch or remediation details are currently available.
Potential Impact
Successful exploitation of this vulnerability can lead to arbitrary code execution with high impact on confidentiality, integrity, and availability. The attacker must convince the user to open a malicious document and interact with it. There are no known public exploits at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should exercise caution when opening PDF documents from untrusted sources and consider applying any available vendor workarounds once announced.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Foxit
- Date Reserved
- 2026-03-08T03:43:28.979Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69cc7a8ee6bfc5ba1d854120
Added to database: 4/1/2026, 1:53:18 AM
Last enriched: 4/8/2026, 6:39:14 AM
Last updated: 5/16/2026, 8:01:49 AM
Views: 109
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.