{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30276", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T18:16:00.742Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-31T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-31T15:39:44.456Z"}, "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://secsys.fudan.edu.cn/"}, {"url": "https://deftpdf.com/"}, {"url": "https://github.com/Secsys-FDU/AF_CVEs/issues/22"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-73", "lang": "en", "description": "CWE-73 External Control of File Name or Path"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T18:15:37.067617Z", "id": "CVE-2026-30276", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:16:00.742Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30276", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-01T18:15:37.067617Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:15:56.962Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://secsys.fudan.edu.cn/"}, {"url": "https://deftpdf.com/"}, {"url": "https://github.com/Secsys-FDU/AF_CVEs/issues/22"}], "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-31T15:39:44.456Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30276", "state": "PUBLISHED", "dateUpdated": "2026-04-01T18:16:00.742Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-31T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:deftpdf:document_translator:54.0:*:*:*:*:android:*:*", "matchCriteriaId": "213D7F67-1E3F-49B2-A7FA-22ED1F178987", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in DeftPDF Document Translator v54.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "id": "CVE-2026-30276", "lastModified": "2026-04-06T15:13:59.763", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-31T16:16:29.683", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://deftpdf.com/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/Secsys-FDU/AF_CVEs/issues/22"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://secsys.fudan.edu.cn/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "54.0"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "document_translator", "vendor": "deftpdf"}], "analysis": {"en": {"generated_at": "2026-04-06T18:21:09.966352+00:00", "value": {"mitigation_remediation": ["Apply any available vendor patch or upgrade to a newer version that removes the unsafe file overwrite logic.", "Disable or remove the file import functionality until a fix is released.", "Restrict the application's file write permissions so it cannot modify protected system files.", "Monitor devices for unexpected file changes or newly created executables that may indicate exploitation."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts the Android version of DeftPDF Document Translator v54.0. Users who can trigger the file import feature are susceptible, and the flaw may affect all installations on Android devices that run this specific software version.", "description_and_impact": "An arbitrary file overwrite flaw in DeftPDF Document Translator v54.0 allows an attacker to replace internal files through the file import routine, potentially executing malicious code or exposing sensitive data. The weakness is a classic example of CWE\u201173 Relative Path Traversal, where insufficient validation of file paths permits overwriting protected application files.", "risk_and_exploitability": "The CVSS score of 9.8 marks it as critical, while an EPSS score of less than 1% indicates a low current exploitation risk. It is not listed in CISA\u2019s KEV catalog, suggesting no widely known public exploits yet. The likely attack vector appears to be local or user\u2011initiated via the file import function, though this inference is based on the description rather than explicit documentation."}}}}, "created": "2026-03-31T19:56:55.290530+00:00", "title": "DeftPDF Document Translator Arbitrary File Overwrite Vulnerability", "updated": "2026-04-07T08:08:28.793146+00:00", "vendors": ["deftpdf", "deftpdf$PRODUCT$document_translator"]}