CNNVD-202601-2362 Information

CNNVD ID

CNNVD-202601-2362

Related CVE

CVE-2026-23512

• CNNVD Published: 2026-01-14

Description (Chinese)

sumatrapdf是sumatrapdfreader开源的一个PDF阅读器。 sumatrapdf 3.5.2及之前版本存在代码问题漏洞，该漏洞源于执行notepad.exe时未指定绝对路径，可能导致任意代码执行。

Description (English)

Sumatrapdf is a PDF reader for sumatrapdfreader open source. Sumatrapdf 3.5.2 and previous versions had a code gap, which stemmed from the fact that notepad.exe was executed without an absolute path and could lead to arbitrary code execution.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

sumatrapdfreader

Published

2026-01-14

Last Modified

2026-02-24

References

https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-rqg5-gj63-x4mv https://github.com/sumatrapdfreader/sumatrapdf/commit/2762e02a8cd7cb779c934a44257aac56ab7de673 https://access.redhat.com/security/cve/cve-2026-23512