Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration
SecurityWeek reports on Novee’s AI-driven research uncovering 16 PDF platform vulnerabilities
Researchers have identified more than a dozen vulnerabilities in popular PDF platforms from Foxit and Apryse, demonstrating how attackers could have exploited them for account takeover, data exfiltration, and other attacks.
The vulnerabilities were discovered by researchers at penetration testing startup Novee, which emerged from stealth mode in January 2026 with over $51 million in funding.
Novee’s analysis – powered by specialized AI agents – led to the discovery of 16 vulnerabilities across Apryse and Foxit products. One critical and two high-severity vulnerabilities were found in Apryse products, and two high-severity and 11 medium-severity issues were identified in Foxit products.
“From a defender’s perspective, this means that a component long assumed to be low risk can quietly become a high-impact attack surface,” Novee said.
Read the full article at SecurityWeek →
Originally published in SecurityWeek on February 18, 2026 by Eduard Kovacs
