Every CVE whose affected-product data names Sodapdf Soda Pdf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-14415 — CVSS 7.8 (high): Soda PDF Desktop Launch Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2025-14406 — CVSS 7.8 (high): Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to…
CVE-2025-14409 — CVSS 7.8 (high): Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
CVE-2025-14412 — CVSS 7.8 (high): Soda PDF Desktop XLS File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
CVE-2025-14410 — CVSS 5.5 (medium): Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
CVE-2025-14411 — CVSS 5.5 (medium): Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
CVE-2025-14407 — CVSS 5.5 (medium): Soda PDF Desktop PDF File Parsing Memory Corruption Information Disclosure Vulnerability. This vulnerability allows remote attackers to…
CVE-2018-18689 — CVSS 5.3 (medium): The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate…
CVE-2025-14408 — CVSS 3.3 (low): Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to…