CVE-2026-3780 HIGH

CVE-2026-3780: Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation

Vendor: Foxit Software Inc.
Product: Foxit PDF Reader
Weakness: CWE-426
Published: April 1, 2026
Last update: April 2, 2026

CVSS base score

7.3/10
Attack vector: Local
Attack complexity: Low
Privileges required: Low
User interaction: Required
Confidentiality: High
Integrity: High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation.

Key dates

02 Disclosure timeline

April 1, 2026: CVE published
April 2, 2026: Record updated