Cnblogs Pdfpatcher — known CVE vulnerabilities
Every CVE whose affected-product data names Cnblogs Pdfpatcher, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
- CVE-2025-63917 — CVSS 7.1 (high): PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. The…
- CVE-2025-63918 — CVSS 6.2 (medium): PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload…