Vulnerabilities ›

CVE-2026-8733

Medium

CWE-119 — Weakness Type

                    Published: May 17, 2026                      ·  Modified: May 19, 2026                      ·  Source: NVD                

CVSS v3

6.3

🔗 NVD Official

📄 Description (English)

A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor responded to the initial vulnerability report by the researcher with a note that the product is discontinued. This vulnerability only affects products that are no longer supported by the maintainer.

🤖 AI Executive Summary

A stack-based buffer overflow vulnerability exists in Investintech SlimPDFReader up to version 2.0.13 that can be exploited remotely. The vendor has discontinued the product and will not provide patches, leaving affected systems vulnerable.

📄 Description (Arabic)

تم اكتشاف ثغرة تجاوز المخزن المؤقت المستند إلى المكدس في دالة sub_3B4610 من ملف SlimPDFReader.exe. يمكن استغلال هذه الثغرة عن بعد وتم نشر الاستغلال علنًا. نظرًا لأن البائع توقف عن دعم المنتج، لن تتوفر تصحيحات أمنية.

🤖 ملخص تنفيذي (AI)

ثغرة تجاوز المخزن المؤقت المستند إلى المكدس موجودة في Investintech SlimPDFReader حتى الإصدار 2.0.13 ويمكن استغلالها عن بعد. توقف البائع عن دعم المنتج ولن يوفر تصحيحات أمنية.

🤖 AI Intelligence Analysis Analyzed: May 19, 2026 10:19

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: medium

🏢 Affected Saudi Sectors

banking government healthcare

🎯 MITRE ATT&CK Techniques

T1190 T1203

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Discontinue use of SlimPDFReader and migrate to actively maintained PDF readers such as Adobe Reader, Foxit Reader, or open-source alternatives like PDF.js. If immediate migration is not possible, restrict network access to systems running this software and implement application whitelisting controls.

🔧 خطوات المعالجة (العربية)

توقف عن استخدام SlimPDFReader والانتقال إلى قارئات PDF مدعومة مثل Adobe Reader أو Foxit Reader أو بدائل مفتوحة المصدر. إذا لم يكن الانتقال فوريًا ممكنًا، قيد الوصول الشبكي للأنظمة التي تستخدم هذا البرنامج وطبق عناصر التحكم في القائمة البيضاء.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.8.1.1 A.12.6.1

🔵 SAMA CSF

ID.AM-2 PR.DS-1

🟡 ISO 27001:2022

A.12.2.1 A.14.2.1

🔗 References & Sources 4

🔗

https://sharing.sit.fraunhofer.de/s/RYcqZbGqgZXxab2

cna@vuldb.com

🔗

https://vuldb.com/submit/809300

cna@vuldb.com

🔗

https://vuldb.com/vuln/364321

cna@vuldb.com

🔗

https://vuldb.com/vuln/364321/cti

cna@vuldb.com

📊 CVSS Score

6.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity Medium

CVSS Score6.3

CWECWE-119

EPSS0.04%

Exploit No

Patch ✗ No

Published 2026-05-17

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-119

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-8733

Introduce Yourself

Sign In Required