PatchSiren cyber security CVE debrief
CVE-2026-8733 Investintech CVE debrief
CVE-2026-8733 describes a stack-based buffer overflow in Investintech SlimPDFReader up to 2.0.13, affecting the SlimPDFReader.exe function identified as sub_3B4610. The issue is remotely reachable and the source record notes a public exploit claim. Because the vendor’s response states the product is discontinued, remediation is likely to require removal, replacement, or isolation rather than patching. The CVE was published on 2026-05-17 and is not listed in CISA KEV.
- Vendor: Investintech
- Product: SlimPDFReader
- CVSS: LOW 2.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-17
- Original CVE updated: 2026-05-18
- Advisory published: 2026-05-17
- Advisory updated: 2026-05-18
Who should care
Security and IT teams still running SlimPDFReader 2.0.13 or earlier, especially on systems that can receive untrusted documents or remote content. Desktop support, vulnerability management, and endpoint protection teams should also review exposure because the product is discontinued.
Technical summary
The source record attributes CVE-2026-8733 to a stack-based buffer overflow in SlimPDFReader.exe, function sub_3B4610. NVD records CWE-119 and CWE-121, and the CVSS v4 vector indicates network reachability with user interaction required. The affected versions are described as SlimPDFReader up to 2.0.13. The vendor response in the source description indicates the product is discontinued, so no supported remediation path is evident from the corpus.
Defensive priority
Medium for any environment still using the product; higher if the application is exposed to untrusted inputs or embedded in workflows that process externally supplied files. The lack of vendor support raises operational risk even though the listed CVSS score is low.
Recommended defensive actions
- Inventory all endpoints and servers for SlimPDFReader installations, including version 2.0.13 and earlier.
- If the product is still in use, plan migration to a supported PDF reader or alternative workflow.
- Remove or isolate the application from systems that process untrusted or externally sourced content.
- Apply endpoint controls that reduce document-triggered attack surface, such as application allowlisting and attachment/content filtering.
- Treat any installation as unsupported and prioritize decommissioning over patch-based remediation.
- Monitor for references to CVE-2026-8733 in asset and vulnerability management tooling, and verify whether any systems remain exposed.
- If removal is not immediately possible, restrict execution to the minimum required users and systems.
- Validate that security teams are aware there is no confirmed vendor patch in the supplied corpus.
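The inventory step above can be scripted per Windows host. The following is an added example, not code from the advisory or the vendor. The display-name pattern and the Program Files search roots are assumptions to adjust for your estate; only the executable name SlimPDFReader.exe and the 2.0.13 threshold come from the record.

```powershell
# Added example: flag SlimPDFReader installs at or below 2.0.13 on one Windows host.
$MaxAffected = [version]'2.0.13'          # last affected version per the CVE record
$NamePattern = '*Slim*PDF*'               # ASSUMPTION: uninstall DisplayName pattern
$SearchRoots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }  # ASSUMPTION
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function ConvertTo-ComparableVersion([string]$Text) {
    # Keep major.minor.build only. [version]'2.0.13.0' sorts ABOVE [version]'2.0.13',
    # so a four-part file version would otherwise slip past the threshold check.
    if ($Text -match '^\s*(\d+)\.(\d+)(?:\.(\d+))?') {
        return [version]::new([int]$Matches[1], [int]$Matches[2], [int]$Matches[3])
    }
    return $null   # empty or non-dotted version string
}

# Collect candidates from uninstall registry entries and from binaries on disk.
$candidates = @(
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern } |
        ForEach-Object {
            [pscustomobject]@{ Source = 'registry'; Location = $_.PSPath
                               Name = $_.DisplayName; RawVersion = $_.DisplayVersion }
        }
    Get-ChildItem -Path $SearchRoots -Filter 'SlimPDFReader.exe' -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{ Source = 'file'; Location = $_.FullName
                               Name = $_.Name; RawVersion = $_.VersionInfo.ProductVersion }
        }
)

# Classify each hit. Newer-than-2.0.13 builds are still reported because the
# product is discontinued and every install is unsupported.
$candidates | ForEach-Object {
    $v = ConvertTo-ComparableVersion $_.RawVersion
    $status = if (-not $v) { 'UNKNOWN-VERSION' } elseif ($v -le $MaxAffected) { 'AFFECTED' } else { 'UNSUPPORTED-REVIEW' }
    [pscustomobject]@{ Host = $env:COMPUTERNAME; Status = $status; Source = $_.Source
                       Version = $_.RawVersion; Location = $_.Location }
} | Format-Table -AutoSize -Wrap
```

Portable or user-profile copies fall outside the assumed search roots, so pair the result with EDR or software-inventory data before declaring a host clean.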
Evidence notes
The supplied source corpus ties the vulnerability to SlimPDFReader up to 2.0.13, identifies a stack-based buffer overflow in SlimPDFReader.exe sub_3B4610, and notes that the attack is remotely possible. The corpus also states that the vendor responded the product is discontinued. NVD metadata marks the record as received and lists CWE-119 and CWE-121. No KEV entry is present in the provided timeline.
Official resources
Published 2026-05-17. The provided timeline does not show KEV inclusion, and the source description indicates the affected product is discontinued.