PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-69627 Gonitro CVE debrief

CVE-2025-69627 is a heap use-after-free vulnerability in Nitro PDF Pro for Windows 14.41.1.4. The vulnerability occurs in the implementation of the JavaScript method this.mailDoc(). An internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper functions. This can result in access violations and non-deterministic crashes. Users of Nitro PDF Pro for Windows 14.41.1.4 should apply the vendor's remediation to prevent exploitation of this vulnerability. The CVE record was published on 2026-04-13T16:16:24.867Z and has not been modified since then. The NVD entry is currently Modified.

Vendor
Gonitro
Product
Nitro PDF Pro
CVSS
HIGH 8.4
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-13
Original CVE updated
2026-07-05
Advisory published
2026-04-13
Advisory updated
2026-07-05

Who should care

Users of Nitro PDF Pro for Windows 14.41.1.4, particularly those in operator roles managing PDF software, platform administrators responsible for maintaining Windows environments, vulnerability management teams assessing software risks, and security teams prioritizing vulnerability remediation based on CVSS scores and asset criticality, should apply the vendor's remediation to prevent exploitation of this vulnerability.

Technical summary

The vulnerability is caused by a heap use-after-free in the implementation of the JavaScript method this.mailDoc() in Nitro PDF Pro for Windows 14.41.1.4. An internal XID object is allocated and then freed prematurely. The freed pointer is still passed into UI and logging helper functions, which can lead to access violations and non-deterministic crashes. This issue arises because the JavaScript method fails to properly handle memory management for the XID object, leading to a use-after-free condition.

Defensive priority

High

Recommended defensive actions

  • Apply the vendor's remediation for Nitro PDF Pro for Windows 14.41.1.4
  • Inventory checks for Nitro PDF Pro for Windows 14.41.1.4
  • Monitoring for suspicious activity related to Nitro PDF Pro for Windows 14.41.1.4
  • Exception tracking for access violations and non-deterministic crashes in Nitro PDF Pro for Windows 14.41.1.4
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-04-13T16:16:24.867Z and was last modified on 2026-07-05T02:17:36.947Z. The NVD entry is currently Modified. Evidence is limited to CVE and NVD information. Defenders should verify Nitro PDF Pro for Windows 14.41.1.4 usage and apply vendor remediation if present.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-13T16:16:24.867Z and has not been modified since then. The NVD entry is currently Modified.