Description

The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a crafted document to trigger a null pointer dereference and crash the application, resulting in denial of service.

INFO

Published Date :

2026-04-01T01:40:35.260Z

Last Modified :

2026-04-02T02:12:28.499Z

Source :

Foxit
AFFECTED PRODUCTS

The following products are affected by CVE-2026-3776 vulnerability.

Vendors Products
Apple
  • Macos
Foxit
  • Pdf Editor
  • Pdf Reader
Foxitsoftware
  • Foxit Pdf Editor
  • Foxit Reader
Microsoft
  • Windows
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-3776.

URL Resource
https://www.foxit.com/support/security-bulletins.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact