PatchSiren

Investintech CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW Investintech CVE published 2026-06-29

CVE-2026-13522

CVE-2026-13522 is a security flaw discovered in Investintech SlimPDFReader up to version 2.0.14. The vulnerability affects the PDF File Handler component, specifically the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 in the file SlimPDFReader.exe. This issue allows for an out-of-bounds read, which can be exploited remotely. It is noted that this vulnerability only affects products that are [truncated]

LOW Investintech CVE published 2026-05-17

CVE-2026-8733

CVE-2026-8733 describes a stack-based buffer overflow in Investintech SlimPDFReader up to 2.0.13, affecting the SlimPDFReader.exe function identified as sub_3B4610. The issue is remotely reachable and the source record notes a public exploit claim. Because the vendor’s response states the product is discontinued, remediation is likely to require removal, replacement, or isolation rather than patching. The [truncated]