CVE 8.6 HIGH

DoS + Remote Code Execution via PDF JavaScript in Foxit AI_CVE-2026-12057

June 15, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Description

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.

AI Analysis

Remote code execution via PDF JavaScript in Foxit AI

Basic Information

ID CVE-2026-12057

Source Foxit

Published Jun 15, 2026 at 10:21

Affected Product

Vendor Foxit Software Inc.

Product Foxit AI

Version before 2026-06-15

Affected Versions Foxit Software Inc. Foxit AI before 2026-06-15

CWE Classification

CWE-829

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Foxit Software Inc.

Product Foxit AI

Version before 2026-06-15

References

www.foxit.com /support/security-bulletins.html

{
    "lastseen": "",
    "description": "When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.",
    "published": "2026-06-15T10:21:22.196Z",
    "modified": "2026-06-15T10:21:22.196Z",
    "type": "cve",
    "title": "DoS + Remote Code Execution via PDF JavaScript in Foxit AI",
    "source": "Foxit",
    "references": "https://www.foxit.com/support/security-bulletins.html",
    "id": "CVE-2026-12057",
    "bulletinFamily": "",
    "cwe": [
        "CWE-829"
    ],
    "cvelist": null,
    "sourceData": "Foxit Software Inc. Foxit AI before 2026-06-15",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Foxit AI",
    "version": "before 2026-06-15",
    "vendor": "Foxit Software Inc.",
    "ai_description": "Remote code execution via PDF JavaScript in Foxit AI",
    "ai_severity": "High",
    "ai_vendor": "Foxit Software Inc.",
    "ai_product": "Foxit AI",
    "ai_version": "before 2026-06-15",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply