CVE Catalog

CVE-2026-13522

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.29%

21th percentile — higher than 21% of all known CVEs

Summary

A security flaw has been discovered in SlimPDFReader up to version 2.0.14 in the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of SlimPDFReader.exe. Manipulation leads to an out-of-bounds read. The attack can be initiated remotely.

Risk Assessment

The vulnerability allows remote out-of-bounds memory read, potentially leading to information disclosure or application instability. The product is no longer supported, increasing the risk.

Recommendation

Immediately stop using SlimPDFReader and replace it with a supported alternative. If not possible, restrict access to PDF files and apply additional security measures.

Original NVD description (English source)

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS