What is CVE-2026-3780?

CVE-2026-3780 is a high-severity vulnerability in Foxit Pdf_editor, classified under Untrusted Search Path. CVSS score: 7.3/10. Published 2026-04-01.

How severe is CVE-2026-3780?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Foxit Pdf_editor

CVE-2026-3780

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same…

EPSS: 0.000 (3.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Foxit Pdf_editor
Foxit Pdf_reader
Foxit Software Inc. Pdf Editor — versions Versions 2025.3 and earlier, Versions 14.0.2 and earlier
Foxit Software Inc. Pdf Reader — versions Versions 2025.3 and earlier
Microsoft Windows

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

References

14984358-7092-470d-8f34-ade47a7658a2 (Vendor Advisory)

Frequently asked questions

What is CVE-2026-3780?: CVE-2026-3780 is a high-severity vulnerability in Foxit Pdf_editor, classified under Untrusted Search Path. CVSS score: 7.3/10. Published 2026-04-01.
How severe is CVE-2026-3780?: High severity. CVSS v3 base score is 7.3 out of 10.