CVE-2025-59803
MEDIUMDescription
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
Is your site exposed to CVE-2025-59803?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_reader |
| apple | macos |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_editor |
| foxit | pdf_reader |
| microsoft | windows |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-59803? +
How severe is CVE-2025-59803? +
What products are affected by CVE-2025-59803? +
How do I check if I'm vulnerable to CVE-2025-59803? +
Related Vulnerabilities
The firmware update mechanism does not include cryptographic signature validation. This allows anyone with access to the firmware update capability …
DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase enterprise token handling can let TokenFilter#doFilter() …
The Microsoft 365 and Microsoft Entra ID Plugins for Moodle provide Office 365 and Azure Active Directory integration for Moodle. …
OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX …
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed …
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext (which is the correct ciphertext) is …