CVE-2026-31547: Tropic Trooper SumatraPDF Campaign

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

Tropic Trooper SumatraPDF Campaign

Remediation Steps

Verify SumatraPDF is updated to latest version from official source
Scan endpoint for AdaptixC2 Beacon post-exploitation agent signatures
Block VS Code tunnel functionality via policy if not operationally required
Review GitHub repository access logs for suspicious activity
Implement application whitelisting restricting PDF readers to legitimate copies

References

https://www.zscaler.com/blogs/security-research
https://www.sumatrapdfreader.org
https://nvd.nist.gov/vuln/detail/CVE-2026-31547

Coverage on defend.network

Vulnerability Priority Report – Week 4 of April 2026 (April 27 – May 3)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts