Question 1

What is CVE-2026-12057 — CVE-2026-12057?

Accepted Answer

When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arbitrary code execution.

Question 2

What is the authoritative source for CVE-2026-12057?

Accepted Answer

CVE-2026-12057 (CVE-2026-12057) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	8.6 ()
Vector	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS	0.13% probability of exploitation · percentile 2.6% · 2026-06-18T12:00:27Z
Last modified	2026-06-16

CVE-2026-12057CVE-2026-12057

Description

Scoring