What is CVE-2026-4947?

CVE-2026-4947 is a high-severity vulnerability in Foxit Software Inc. Na1.foxitesign.foxit.com, classified under Improper Access Control. CVSS score: 7.1/10. Published 2026-04-01.

How severe is CVE-2026-4947?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Foxit Software Inc. Na1.foxitesign.foxit.com

CVE-2026-4947

Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by man…

EPSS: 0.000 (11.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N.

Affected products

Foxit Software Inc. Na1.foxitesign.foxit.com — versions before 2026-03-26

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

www.foxit.com/support/security-bulletins.html

Frequently asked questions

What is CVE-2026-4947?: CVE-2026-4947 is a high-severity vulnerability in Foxit Software Inc. Na1.foxitesign.foxit.com, classified under Improper Access Control. CVSS score: 7.1/10. Published 2026-04-01.
How severe is CVE-2026-4947?: High severity. CVSS v3 base score is 7.1 out of 10.