CVE-2026-13522
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
A security flaw has been discovered in SlimPDFReader up to version 2.0.14 in the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of SlimPDFReader.exe. Manipulation leads to an out-of-bounds read. The attack can be initiated remotely.
Risk Assessment
The vulnerability allows remote out-of-bounds memory read, potentially leading to information disclosure or application instability. The product is no longer supported, increasing the risk.
Recommendation
Immediately stop using SlimPDFReader and replace it with a supported alternative. If not possible, restrict access to PDF files and apply additional security measures.
Original NVD description (English source)
A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.

