Vulnerability Database

317,105

Total vulnerabilities in the database

CVE-2025-66499

A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.

Published: Dec 19, 2025
Updated: Dec 20, 2025
CVE: CVE-2025-66499
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-190

Affected Software
References

Software	From	Fixed in
foxit / pdf_editor	-	13.2.1.23955.x
foxit / pdf_editor	14.0.0.33046	14.0.1.33197.x
foxit / pdf_editor	2023.1.0.15510	2023.3.0.23028.x
foxit / pdf_editor	2024.1.0.23997	2024.4.1.27687.x
foxit / pdf_editor	2025.1.0.27937	2025.2.1.33197.x
foxit / pdf_reader	-	2025.2.1.33197.x
foxit / pdf_editor	-	13.2.1.63315.x
foxit / pdf_editor	14.0.0.33046	14.0.1.69005.x
foxit / pdf_editor	2023.1.0.15510	2023.3.0.63083.x
foxit / pdf_editor	2024.1.0.23997	2024.4.1.66479.x
foxit / pdf_editor	2025.1.0.27937	2025.2.1.69005.x
foxit / pdf_reader	-	2025.2.1.69005.x

https://www.foxit.com/support/security-bulletins.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo