https://blog.qife122.com/tags/cve-2025-14420/ Recent content in CVE-2025-14420 on 办公AI智能小助手 Hugo zh-cn qife Sun, 28 Dec 2025 17:09:22 +0800 https://blog.qife122.com/p/pdf-architect-%E8%B7%AF%E5%BE%84%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90cbz%E6%96%87%E4%BB%B6%E8%A7%A3%E6%9E%90%E7%BC%BA%E9%99%B7%E5%8F%AF%E5%AF%BC%E8%87%B4%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ Sun, 28 Dec 2025 17:09:22 +0800 https://blog.qife122.com/p/pdf-architect-%E8%B7%AF%E5%BE%84%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90cbz%E6%96%87%E4%BB%B6%E8%A7%A3%E6%9E%90%E7%BC%BA%E9%99%B7%E5%8F%AF%E5%AF%BC%E8%87%B4%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/ <h1 id="cve-2025-14420cwe-22-pdfforge-pdf-architect-中路径名限制不当导致的路径遍历漏洞">CVE-2025-14420：CWE-22: pdfforge PDF Architect 中路径名限制不当导致的路径遍历漏洞</h1> <p><strong>严重性：高</strong> <strong>类型：漏洞</strong> <strong>CVE：CVE-2025-14420</strong></p> <p>pdfforge PDF Architect CBZ 文件解析目录遍历远程代码执行漏洞。此漏洞允许远程攻击者在受影响的 pdfforge PDF Architect 安装上执行任意代码。利用此漏洞需要用户交互，即目标必须访问恶意页面或打开恶意文件。</p>