CVE-2026-23512

Published: Jan 14, 2026Modified: Feb 3, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows execution of a malicious notepad.exe placed in the application's installation directory, leading to arbitrary code execution.

Affected (1)

Products: Sumatrapdfreader: Sumatrapdf

Sumatrapdfreader

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sumatrapdfreader Sumatrapdf	Up to 3.5.2

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

References (2)

https://github.com/sumatrapdfreader/sumatrapdf/commit/2762e02a8cd7cb779c934a44257aac56ab7de673

Source: security-advisories@github.com

Patch

https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-rqg5-gj63-x4mv

Source: security-advisories@github.com

ExploitVendor Advisory

Timeline

No history available yet.