We often think of a PDF file (Portable Document Format file) as a simple digital version of a printed document. However, new research shared with Hackread.com reveals that these everyday tools have become complex “application stacks” that hackers can use as a doorway into private networks.
The team at Novee Security recently inspected two major PDF systems: Foxit and Apryse. Their study, released on February 18th, 2026, identified 13 vulnerability categories and 16 total ways a system could be hacked.
It is worth noting that these aren’t minor glitches; these zero-day vulnerabilities could allow attackers to take over accounts or run commands on a company’s backend servers without needing to break into the browser or operating system directly.
Hunting for Bugs with AI
As we know, finding security holes in massive amounts of code is a huge challenge. To speed things up, researchers used a “human-agent” approach: they first identified the “scent” of a vulnerability (the specific patterns where a program might be weak) and then taught these patterns to an AI “swarm.”
They found that this AI swarm could scan through scrambled code much faster than a person. This method allowed them to find high-impact problems that standard tools often miss. One discovery was a Critical flaw in the Foxit signature server, which handles digital signatures for legal documents.
“Our strategy involved a human-agent symbiosis: our researchers manually identified foundational vulnerability patterns, which were then taught to the Novee agent. Once the agent internalized the ‘scent’ of these bugs, it autonomously explored the massive attack surface of both vendors. The result was the discovery of 13 distinct vulnerability categories, ranging from critical XSS to OS Command Injection,” researchers explained.

How a One-Click Attack Works
Some of the most worrying finds were one-click attacks, where simply opening a document or clicking a link triggers the trap. Key identified risks include:
- CVE-2025-70402 and CVE-2025-70400: Flaws in Apryse WebViewer, where the system trusts remote configuration files it shouldn’t, allowing hackers to run malicious code via a link.
- CVE-2025-70401: Researchers also found they could hide a script in the “Author” name of a PDF comment. As soon as a victim types one character in the notes, the script runs to steal login data.
- CVE-2025-66500: Foxit’s web plugins had a similar weakness where an attacker could send a fake message to trick the plugin into running a harmful script.
In a live test, the AI agent even found it could send a simple request to a server and get it to “execute the injected command,” giving the researchers full control over that part of the system.
A Shared Responsibility
According to Novee Security’s blog post, the problem is that modern PDF tools are now built like advanced websites, using iframes and server-side rendering, yet many companies still treat them as low-risk files. This leads to what researchers call “trust boundary” failures, where the software trusts data it should be double-checking.
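To make the “trust boundary” idea concrete, here is an added example (not code from Novee Security, Foxit or Apryse) of the three checks a web-embedded viewer would apply to the inputs described above: a remote configuration URL, a comment's “Author” field, and a cross-window message. All function names, origins and action names are hypothetical and constructed for illustration.

```javascript
// Added example: generic trust-boundary checks for a web-embedded document viewer.
// Names, origins and actions are hypothetical; these are not Foxit or Apryse APIs.
const TRUSTED_CONFIG_ORIGINS = new Set(["https://static.example.com"]); // constructed
const TRUSTED_MESSAGE_ORIGINS = new Set(["https://app.example.com"]);   // constructed
const ALLOWED_ACTIONS = new Set(["openDocument", "setPage"]);           // constructed

// 1. Remote configuration: resolve the URL first, then require HTTPS and an
//    allowlisted origin. Resolving catches scheme-relative ("//host/...") and
//    look-alike hosts that a simple startsWith() check would let through.
function isTrustedConfigUrl(raw, baseUrl) {
  let url;
  try {
    url = new URL(raw, baseUrl);
  } catch {
    return false; // unparsable input is rejected, never loaded
  }
  return url.protocol === "https:" && TRUSTED_CONFIG_ORIGINS.has(url.origin);
}

// 2. Document metadata: fields such as a comment's "Author" come from the file,
//    so they are escaped and rendered as text, never inserted as markup.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// 3. Cross-window messages: check the sender's origin and the message shape
//    before acting; anything unexpected is dropped (null).
function acceptMessage(event) {
  if (!TRUSTED_MESSAGE_ORIGINS.has(event.origin)) return null;
  const data = event.data;
  if (data === null || typeof data !== "object") return null;
  if (!ALLOWED_ACTIONS.has(data.action)) return null;
  return { action: data.action, value: data.value };
}
```

In a browser, `acceptMessage` would be called from a `message` event listener, and the escaped author string would be written with `textContent` or an equivalent text-only sink.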
The good news is that Novee Security worked with the makers before going public. Both Foxit and Apryse have been notified, and the official CVE numbers ensure these holes are being patched. The full list of identified vulnerabilities is available here.