cvedb.io
CVE-2025-66499
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2025-12-19T07:16:03.197 · Last modified 2026-06-17T09:56:56.590

Summary

A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.

Affected products

foxit — pdf_editor

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.