CNNVD-202601-3916 Information

CNNVD ID

CNNVD-202601-3916

Related CVE

CVE-2026-23951

• CNNVD Published: 2026-01-22

Description (Chinese)

sumatrapdf是sumatrapdfreader开源的一个PDF阅读器。 SumatraPDF存在数字错误漏洞，该漏洞源于处理特制Mobi文件时存在差一错误和整数下溢，可能导致越界堆读取和应用程序崩溃。

Description (English)

Sumatrapdf is a PDF reader for sumatrapdfreader open source. The SumatraPDF had a digital error loophole, which stemmed from an error and an integer spill in the processing of specially created Mobi files, which could lead to cross-border reading and application collapse.

Hazard Level

High

Vulnerability Type

数字错误

Affected Vendor

sumatrapdfreader

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/sumatrapdfreader/sumatrapdf/blob/master/src/PalmDbReader.cpp https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-hj4w-c5x8-p2hv https://access.redhat.com/security/cve/cve-2026-23951