CVE-2026-25880

{"id": "CVE-2026-25880", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-02-09T22:16:03.267", "references": [{"url": "https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-5x4h-247q-px37", "tags": ["Vendor Advisory", "Exploit"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-426"}]}], "descriptions": [{"lang": "en", "value": "SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the user clicks File \u2192 \u201cShow in folder\u201d. This behavior leads to arbitrary code execution on the victim\u2019s system with the privileges of the current user, without any warning or user interaction beyond the menu click."}, {"lang": "es", "value": "SumatraPDF es un lector multiformato para Windows. En la versi\u00f3n 3.5.2 y anteriores, el lector de PDF permite la ejecuci\u00f3n de un binario malicioso (explorer.exe) ubicado en el mismo directorio que el PDF abierto cuando el usuario hace clic en Archivo ? 'Mostrar en carpeta'. Este comportamiento conduce a la ejecuci\u00f3n de c\u00f3digo arbitrario en el sistema de la v\u00edctima con los privilegios del usuario actual, sin ninguna advertencia ni interacci\u00f3n del usuario m\u00e1s all\u00e1 del clic en el men\u00fa."}], "lastModified": "2026-02-23T18:14:13.717", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sumatrapdfreader:sumatrapdf:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D48C2C6-E8BC-471E-B59A-236F038EBC0C", "versionEndIncluding": "3.5.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}