CVE-2025-14412 | Soda PDF Desktop XLS File ui layer (ZDI-25-1085)

December 12, 2025 Yanac

A vulnerability was found in Soda PDF Desktop. It has been rated as problematic. Affected by this issue is some unknown functionality of the component XLS File Handler. The manipulation leads to improper restriction of rendered ui layers.

This vulnerability is documented as CVE-2025-14412. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-14409 | Soda PDF Desktop PDF File Parser out-of-bounds write (ZDI-25-1082)
CVE-2025-14413 | Soda PDF Desktop CBZ File Parser path traversal (ZDI-25-1086)