PDF-XChange Editor is a software tool developed by Tracker Software Products that allows users to create, view, edit, annotate, OCR and digitally sign PDF files. It's known for its ability to create fillable forms and to edit text and images in PDF documents, as well as a variety of other advanced features. It's a robust, yet lightweight and highly customizable PDF viewer, editor and converter.

PDF-XChange Editor

An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396.  By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-64086	HIGH	7.5	PDF-XChange Editor	cpe:2.3:a:pdf-xchange:pdf-xchange_editor	No	No	Dec 09, 2025
CVE-2025-64085	HIGH	7.5	PDF-XChange Editor	cpe:2.3:a:pdf-xchange:pdf-xchange_editor	No	No	Dec 09, 2025
CVE-2025-58113	MEDIUM	6.5	PDF-XChange Editor	cpe:2.3:a:pdf-xchange:pdf-xchange_editor	No	No	Dec 02, 2025
CVE-2025-47152	MEDIUM	6.5	PDF-XChange Editor	cpe:2.3:a:pdf-xchange:pdf-xchange_editor	No	No	Aug 05, 2025
CVE-2025-27931	MEDIUM	6.5	PDF-XChange Editor	cpe:2.3:a:pdf-xchange:pdf-xchange_editor	No	Yes	Aug 05, 2025

CVE-2025-47152:
PDF-XChange Editor vulnerability analysis and mitigation

6.5

Related PDF-XChange Editor vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-47152: PDF-XChange Editor vulnerability analysis and mitigation