CVE-2026-3779

High CVSS: 7.8

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution.

Vendor

Product

CWE

CWE-416

Yayın Tarihi

2026-04-01 02:16:03

Güncelleme

2026-04-01 14:23:37

Source Identifier

14984358-7092-470d-8f34-ade47a7658a2

KEV Date Added

Kategoriler

CWE-416 HIGH 2026

Referanslar

https://www.foxit.com/support/security-bulletins.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2365