The current version of Nitro PDF Pro has at least one vulnerability that could be used to attempt remote code execution on the victim host. A fix from a third party is on its way for this security flaw, which has a severity score of 8.8 out of 10. The bug is part of a set of six vulnerabilities discovered by researchers at Cisco Talos earlier this week. A similar bug exists that was reported to Acros Security and Nitro Software about two years ago; it was never fixed.
Source: https://www.bleepingcomputer.com/news/security/nitro-pdf-pro-to-get-micropatches-for-7-potential-rce-bugs/