CVE-2021-38570

9.1 CRITICAL

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4

Published: 2021-08-11 · Last updated: 2026-06-17

Severity and scoring

CVSS: 9.1 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-59

Affected products

Vendor	Product
foxitsoftware	foxit_reader, phantompdf

Description

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-38570
[Vendor advisory]https://www.foxitsoftware.com/support/security-bulletins.php
[Vendor advisory]https://www.foxitsoftware.com/support/security-bulletins.php

Related CVEs

Same vendor

CVE-2021-38574 — An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4 (9.8 CRITICAL)
CVE-2021-38573 — An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4 (9.8 CRITICAL)
CVE-2021-38572 — An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4 (9.8 CRITICAL)
CVE-2021-38571 — An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4 (7.8 HIGH)
CVE-2021-38569 — An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4 (7.5 HIGH)

Same CWE

CVE-2026-50656 — Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as ... (7.8 HIGH)
CVE-2026-54230 — A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport (7.0 HIGH)
CVE-2026-54056 — Kitty is a cross-platform GPU based terminal (7.6 HIGH)
CVE-2026-54055 — Kitty is a cross-platform GPU based terminal (5.0 MEDIUM)
CVE-2025-46293 — This issue was addressed with improved handling of symlinks (5.5 MEDIUM)