CVE-2025-9394 | PDF library PoDoFo 1.1.0-dev PDF Dictionary Parser PdfTokenizer.cpp DetermineDataType use after free (275/276)

A vulnerability labeled as critical has been found in PDF library PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free.

This vulnerability is handled as CVE-2025-9394. It is possible to launch the attack on the local host. Additionally, an exploit exists.

A patch should be applied to remediate this issue.VulDB Recent EntriesRead More