← Back to CVE List
CVE-2026-13126NVD
Vulnerability Summary
The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing.
CVSS v3.1 Base Metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh