CNNVD-202602-1257 Information

Feb 09, 2026 cve

CNNVD ID

CNNVD-202602-1257

CVE-2026-25920

CNNVD Published: 2026-02-09

Description (Chinese)

sumatrapdf是sumatrapdfreader开源的一个PDF阅读器。 sumatrapdf 3.5.2及之前版本存在缓冲区错误漏洞，该漏洞源于MOBI HuffDic解压缩器存在堆越界读取，可能导致崩溃。

Description (English)

Sumatrapdf is a PDF reader for sumatrapdfreader open source. Sumatrapdf 3.5.2 and previous versions had an error loophole in the buffer zone, resulting from the presence of a pile of MOBI HuffDic compressors, which could lead to collapse.

Vulnerability Type

缓冲区错误

Affected Vendor

sumatrapdfreader

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/sumatrapdfreader/sumatrapdf/blob/916392f94bc34e24f3c3286893ac6d7fa1e1c428/src/MobiDoc.cpp https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-5mwx-65x7-cffp https://github.com/sumatrapdfreader/sumatrapdf/commit/12b6887e9dfff874fe8749bab1bdc53d4ff075b3

Patch

https://www.sumatrapdfreader.org/download-free-pdf-viewer

Share on: