What is CVE-2026-12057?

CVE-2026-12057 is a high-severity vulnerability in Foxit Software Inc. Ai, classified under Inclusion of Functionality from Untrusted Control Sphere. CVSS score: 8.6/10. Published 2026-06-15.

How severe is CVE-2026-12057?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Foxit Software Inc. Ai

CVE-2026-12057

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H.

Affected products

Foxit Software Inc. Ai — versions before 2026-06-15

Weakness classification (CWE)

CWE-829 — Inclusion of Functionality from Untrusted Control Sphere

References

14984358-7092-470d-8f34-ade47a7658a2

Frequently asked questions

What is CVE-2026-12057?: CVE-2026-12057 is a high-severity vulnerability in Foxit Software Inc. Ai, classified under Inclusion of Functionality from Untrusted Control Sphere. CVSS score: 8.6/10. Published 2026-06-15.
How severe is CVE-2026-12057?: High severity. CVSS v3 base score is 8.6 out of 10.