CVE-2026-30291 - Vulnerability Analysis
HighCVSS: 8.4Last Updated: April 3, 2026
Ora Tools PDF Reader Reader & Editor - Arbitrary File Overwrite
Overview
Ora Tools PDF Reader Reader & Editor APPv4.3.5 contains an arbitrary file overwrite vulnerability caused by the file import process, letting attackers overwrite critical internal files leading to code execution or information exposure, exploit requires no special privileges.
Severity & Score
Impact
Attackers can overwrite critical files, leading to arbitrary code execution or exposure of sensitive information.
Mitigation
Update to the latest version.
References
Social Media Activity(1 post)
š CVE-2026-30291 - High (8.4) An arbitrary file overwrite vulnerability in Ora Tools PDF Reader ' Reader & Editor APPv4.3.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure. š https://www.thehackerwire.com/vulnerability/CVE-2026-30291/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-30291
- Severity
- High
- CVSS Score
- 8.4
- Type
- file_inclusion
- Status
- unconfirmed
- EPSS
- 1.3%
- Social Posts
- 1
CWE
- CWE-73
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H