Key Information from the Vulnerability Report CVE Number CVE-2025-58113 Summary An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. Confirmed Vulnerable Versions PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401 CVSSv3 Score 6.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CWE CWE-125 - Out-of-bounds Read Details Affected Software: PDF-XChange Editor is a powerful and feature-rich PDF viewer and editor that supports the conversion of EMF files into PDFs. The vulnerability is related to the processing of EMF files during conversion. Vulnerability Type: The vulnerability is associated with the record type in EMF files. Vulnerability Condition: The of the record is smaller than 0x34 while is zero. This causes the application to attempt to read the field even though the record does not contain enough data, leading to an out-of-bounds read. Exploitation Impact: Exploiting this vulnerability allows for the reading of arbitrary memory within the process, potentially disclosing sensitive information. Timeline 2025-10-23: Vendor Disclosure 2025-10-28: Vendor Patch Release 2025-12-02: Public Release Credit Discovered by KPC of Cisco Talos.