CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

August 24, 2025

CVE ID : CVE-2025-9394

Published : Aug. 24, 2025, 4:15 p.m. | 8 hours, 42 minutes ago

Description : A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called 22d16cb142f293bf956f66a4d399cdd65576d36c. A patch should be applied to remediate this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-9395 – Wangsongyan Wblog SRFO (Server-Side Request Forgery)

Next Article CVE-2025-9393 – “Linksys RE Series Stack-Based Buffer Overflow Vulnerability”

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

Google Pixel 10 Pro vs. iPhone 16 Pro: I’ve used both handsets, and there’s a clear winner

Master these 48 Windows keyboard shortcuts and finish work early

Why the Pixel 10 is making this longtime iPhone user reconsider their next phone

Google Pixel 10 Pro Fold vs. Samsung Galaxy Z Fold 7: I compared both Androids, and here’s the winner

PERFIXION 2025: Powering AI Ideas

PERFIXION 2025: Powering AI Ideas

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Reports say Windows 11 update is bricking drives — is yours on the list?

Razer finally remembered I don’t live in China, so now we can all get this cool Gengar gaming headset

CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

SharePoint Document Libraries Set For a Major Redesign

CVE-2025-30147 – Hyperledger Besu EC Point Crafting Vulnerability

ByteDance Introduces QuaDMix: A Unified AI Framework for Data Quality and Diversity in LLM Pretraining

Did Phil Spencer Dropped Hint of Halo: Combat Evolved Remaster Coming in 2026?

How Global Calibration Strengthens Multiaccuracy

What Are the Different Font Styles?

CVE-2025-7149 – Campcodes Advanced Online Voting System SQL Injection Vulnerability

CVE-2025-47858 – Apache HTTP Server Cross-Site Request Forgery

CVE-2025-9394 – PoDoFo PDF Dictionary Parser Use After Free Vulnerability

Related Posts