PDFs are very commonly found on the web, and I carefully either view them on the browsers, or use readers without the capability to run the scripts that may come with them (shitty design choice) like Evince or XReader, or, on Windows, disable the scripts on Adobe Reader.
However, I was wondering whether other sorts of attacks may be possible by exploiting other unpatched vulnerabilities. Since I find it hard to trust the 100% of PDFs you open, what are the best practices to minimize the risk?