Platform: windows
Component: foxit-pdf-services-api
Fixed in: 2026.0.1
CVE-2026-5936 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in Foxit PDF Services API. This flaw allows an attacker to control the destination of HTTP requests made by the server, potentially leading to unauthorized access to internal resources and sensitive data. The vulnerability affects versions prior to 2026-04-07, and a patch was released on 2026-04-07.
The SSRF vulnerability in Foxit PDF Services API presents a significant risk. An attacker can craft malicious URLs that instruct the API to make requests to arbitrary internal or external destinations. This could be leveraged to scan internal networks for open ports and services, access cloud metadata endpoints (potentially exposing credentials), or bypass network segmentation. Successful exploitation could result in sensitive information disclosure, privilege escalation, and further compromise of the affected environment. The ability to probe internal services makes this vulnerability particularly concerning, as it can be used to map the internal network and identify other potential attack vectors.
CVE-2026-5936 was publicly disclosed on 2026-04-13. The vulnerability's SSRF nature makes it potentially attractive to attackers seeking to map internal networks or access cloud metadata. No public proof-of-concept (POC) code has been published as of the disclosure date, but the SSRF nature of the vulnerability suggests a relatively low barrier to entry for exploitation. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.03% (9th percentile)
The primary mitigation for CVE-2026-5936 is to upgrade Foxit PDF Services API to version 2026-04-07 or later. If immediate upgrading is not possible, consider temporary workarounds such as restricting the API host's outbound network access to the destinations it actually needs. Implement strict URL validation and sanitization so that attacker-supplied URLs cannot steer server-side requests. Consider deploying a Web Application Firewall (WAF) with SSRF protection rules to filter out suspicious requests. Monitor API logs for unusual outbound connections or requests to unexpected destinations.
Update to version 2026-04-07 or later to mitigate the SSRF vulnerability. This update addresses the possibility of an attacker controlling server-side HTTP requests by supplying a crafted URL. Review the Foxit release notes for specific upgrade instructions.
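As an added defensive example (not Foxit's code; the hostnames and the injectable resolver are constructed for illustration), this is the kind of outbound URL gate the workaround above describes: it permits only http(s) to an allow-listed host and rejects any destination that resolves to loopback, private or link-local space, which is where cloud metadata endpoints live.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Destinations an SSRF-prone service should never be allowed to fetch:
# loopback, RFC 1918, CGNAT, link-local (covers the 169.254.169.254 cloud
# metadata endpoint) and their IPv6 equivalents.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def is_blocked_ip(ip: str) -> bool:
    """True if the address (v4, v6 or v4-mapped v6) lies in a blocked range."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return any(addr in net for net in BLOCKED_NETWORKS)

def check_outbound_url(url: str, allowed_hosts: set[str],
                       resolve=socket.getaddrinfo) -> tuple[bool, str]:
    """Return (ok, reason). Only http(s) to an allow-listed host whose every
    resolved address is public passes. `resolve` is injectable so the check
    can be exercised offline (assumption: same signature as getaddrinfo)."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not permitted: {parts.scheme!r}"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    if host.lower() not in allowed_hosts:
        return False, f"host not on allow-list: {host!r}"
    try:
        infos = resolve(host, parts.port or 80)
    except OSError as exc:
        return False, f"resolution failed: {exc}"
    # Reject if ANY answer is private: a name with mixed public/private
    # records must not slip through on a lucky first answer.
    for _family, _type, _proto, _canon, sockaddr in infos:
        if is_blocked_ip(sockaddr[0]):
            return False, f"{host!r} resolves to blocked address {sockaddr[0]}"
    return True, "ok"
```

The fetch that follows should connect to the address that passed this check rather than re-resolving the name, otherwise a DNS answer that changes between check and use defeats the gate.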
CVE-2026-5936 is a HIGH severity SSRF vulnerability in Foxit PDF Services API allowing attackers to control server-side HTTP requests, potentially accessing internal resources.
You are affected if you are using Foxit PDF Services API versions before 2026-04-07. Upgrade to the patched version to mitigate the risk.
Upgrade to Foxit PDF Services API version 2026-04-07 or later. Implement temporary workarounds like restricting outbound network access if immediate upgrade is not possible.
While no active exploitation has been confirmed, the SSRF nature of the vulnerability makes it a potential target for attackers.
Refer to the official Foxit security advisory for detailed information and updates regarding CVE-2026-5936.