When “safe” documents aren’t.

When “safe” documents aren’t.

From Research Saturday by N2K Networks

March 28, 2026 · 21 min · Season 10 · Episode 418

About this episode

Omer Ninburg discusses the vulnerabilities found in PDF engines and services using a multi-agent LLM system.

Omer Ninburg, CTO of Novee Security, joins us on this episode of Research Saturday to discuss their work on "From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs." Historically, Portable Document Formats – the immutable, localized PDF – was once considered a “safe” component inside enterprise environments. That is no longer the case. To demonstrate how PDF services and engines can be exploited, the team at Novee used their proprietary, multi-agent LLM system to uncover vulnerability patterns, and systematically scale them into a broad discovery campaign across two PDF vendor ecosystems. The research uncovered 16 verified vulnerabilities across client-side PDF viewers, embedded plugins, and server-side PDF services. The research and executive brief can be found here: ⁠From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs Hacker-Trained AI Discovers 16 New 0-Day Vulnerabilities in PDF Engines Learn more about your ad choices. Visit megaphone.fm/adchoices

People in this episode

Guest: Omer Ninburg

Topics covered

  • PDF vulnerabilities
  • cybersecurity
  • multi-agent LLMs
  • enterprise security
  • 0-day discovery

Keywords

  • PDF
  • vulnerabilities
  • cybersecurity
  • Novee Security
  • 0-day
  • LLM
  • enterprise

Mentioned in this episode

Organizations: Novee Security

Books & works: From PDF to Pwn: Scalable 0day Discovery in PDF Engines and Services Using Multi-Agent LLMs

More episodes of Research Saturday

Explore listener stats, chart rankings, contacts and more on the Research Saturday podcast page.