{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T06:48:25.093","vulnerabilities":[{"cve":{"id":"CVE-2026-25961","sourceIdentifier":"security-advisories@github.com","published":"2026-02-09T22:16:04.750","lastModified":"2026-02-20T20:22:32.817","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) and executes installers without signature checks. A network attacker with any valid TLS certificate (e.g., Let's Encrypt) can intercept the update check request, inject a malicious installer URL, and achieve arbitrary code execution."},{"lang":"es","value":"SumatraPDF es un lector multiformato para Windows. En las versiones 3.5.0 a 3.5.2, el mecanismo de actualización de SumatraPDF deshabilita la verificación del nombre de host TLS (INTERNET_FLAG_IGNORE_CERT_CN_INVALID) y ejecuta instaladores sin comprobaciones de firma. \nUn atacante de red con cualquier certificado TLS válido (por ejemplo, Let's Encrypt) puede interceptar la solicitud de comprobación de actualización, inyectar una URL de instalador malicioso y lograr la ejecución de código arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-295"},{"lang":"en","value":"CWE-494"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-494"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sumatrapdfreader:sumatrapdf:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5","versionEndIncluding":"3.5.2","matchCriteriaId":"35B34851-E186-4558-A6E4-CCE41DFEC9E1"}]}]}],"references":[{"url":"https://github.com/sumatrapdfreader/sumatrapdf/security/advisories/GHSA-xpm2-rr5m-x96q","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}