CVE-2025-55309
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, resulting in a use-after-free vulnerability that may cause memory corruption or application crashes.
| Software | From | Fixed in |
|---|---|---|
| foxit / pdf_editor | - | 13.1.7.63027.x |
| foxit / pdf_editor | 2023.1.0.55583 | 2023.3.0.63083.x |
| foxit / pdf_editor | 2024.1.0.63682 | 2024.4.1.66479.x |
| foxit / pdf_editor | 2025.1.0.66692 | 2025.1.0.66692.x |
| foxit / pdf_reader | - | 2025.1.0.66692.x |
| foxit / pdf_editor | - | 13.1.7.23637.x |
| foxit / pdf_editor | 2023.1.0.15510 | 2023.3.0.23028.x |
| foxit / pdf_editor | 2024.1.0.23997 | 2024.4.1.27687.x |
| foxit / pdf_editor | 2025.1.0.27937 | 2025.1.0.27937.x |
| foxit / pdf_reader | - | 2025.1.0.27937.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime