    70 vulnerabilities found for pypdf by py-pdf

    CVE-2026-57204 (GCVE-0-2026-57204)

    Vulnerability from nvd – Published: 2026-06-30 21:59 – Updated: 2026-07-01 14:29
    Title
    pypdf: Missing stream length values ignore defined limits
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream without a /Length value. This issue has been fixed in version 6.13.3.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-57204",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T13:57:13.824803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:29:01.785Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream without a /Length value. This issue has been fixed in version 6.13.3."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T21:59:46.274Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jm82-fx9c-mx94",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jm82-fx9c-mx94"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.3"
            }
          ],
          "source": {
            "advisory": "GHSA-jm82-fx9c-mx94",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Missing stream length values ignore defined limits"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-57204",
        "datePublished": "2026-06-30T21:59:46.274Z",
        "dateReserved": "2026-06-24T02:00:46.801Z",
        "dateUpdated": "2026-07-01T14:29:01.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54651 (GCVE-0-2026-54651)

    Vulnerability from nvd – Published: 2026-06-22 20:28 – Updated: 2026-06-23 12:10
    Title
    pypdf: Possible infinite loop when processing threads/articles in writer
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54651",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T12:09:57.316922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T12:10:07.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:28:28.412Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3839",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3839"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1"
            }
          ],
          "source": {
            "advisory": "GHSA-g9xf-7f8q-9mcj",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when processing threads/articles in writer"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54651",
        "datePublished": "2026-06-22T20:28:28.412Z",
        "dateReserved": "2026-06-15T20:16:46.198Z",
        "dateUpdated": "2026-06-23T12:10:07.463Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54531 (GCVE-0-2026-54531)

    Vulnerability from nvd – Published: 2026-06-22 20:26 – Updated: 2026-06-23 16:11
    Title
    pypdf: Possible infinite loop when processing outlines/bookmarks in writer
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54531",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:17:27.850481Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T16:11:53.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:26:19.756Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-m2v9-299j-rv96",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-m2v9-299j-rv96"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3830",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3830"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0"
            }
          ],
          "source": {
            "advisory": "GHSA-m2v9-299j-rv96",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when processing outlines/bookmarks in writer"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54531",
        "datePublished": "2026-06-22T20:26:19.756Z",
        "dateReserved": "2026-06-15T18:40:01.651Z",
        "dateUpdated": "2026-06-23T16:11:53.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54530 (GCVE-0-2026-54530)

    Vulnerability from nvd – Published: 2026-06-22 20:25 – Updated: 2026-06-23 16:11
    Title
    pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54530",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:52:35.536228Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T16:11:37.526Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:25:29.305Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-52x6-gq3r-vpf4",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-52x6-gq3r-vpf4"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3830",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3830"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0"
            }
          ],
          "source": {
            "advisory": "GHSA-52x6-gq3r-vpf4",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54530",
        "datePublished": "2026-06-22T20:25:29.305Z",
        "dateReserved": "2026-06-15T18:40:01.651Z",
        "dateUpdated": "2026-06-23T16:11:37.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49461 (GCVE-0-2026-49461)

    Vulnerability from nvd – Published: 2026-06-22 20:27 – Updated: 2026-06-23 15:54
    Title
    pypdf: Possible large memory usage for form XObjects during text extraction
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49461",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T12:23:13.224222Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T15:54:54.860Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12.2."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:27:16.174Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-j543-4vmf-qm7v",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-j543-4vmf-qm7v"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3805",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3805"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2"
            }
          ],
          "source": {
            "advisory": "GHSA-j543-4vmf-qm7v",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible large memory usage for form XObjects during text extraction"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-49461",
        "datePublished": "2026-06-22T20:27:16.174Z",
        "dateReserved": "2026-05-30T04:17:43.094Z",
        "dateUpdated": "2026-06-23T15:54:54.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49460 (GCVE-0-2026-49460)

    Vulnerability from nvd – Published: 2026-06-22 20:28 – Updated: 2026-06-23 15:54
    Title
    pypdf: Inefficient decoding of FlateDecode PNG predictor streams
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49460",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:04:25.948226Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T15:54:39.908Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:28:16.413Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-5hgr-hg42-57jg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-5hgr-hg42-57jg"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3806",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3806"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2"
            }
          ],
          "source": {
            "advisory": "GHSA-5hgr-hg42-57jg",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Inefficient decoding of FlateDecode PNG predictor streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-49460",
        "datePublished": "2026-06-22T20:28:16.413Z",
        "dateReserved": "2026-05-30T02:43:33.107Z",
        "dateUpdated": "2026-06-23T15:54:39.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48735 (GCVE-0-2026-48735)

    Vulnerability from nvd – Published: 2026-05-28 14:49 – Updated: 2026-06-02 14:57
    Title
    pypdf: Manipulated XMP metadata streams can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48735",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T14:56:55.997922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T14:57:31.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:49:11.814Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjqc-6w8f-h24c",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjqc-6w8f-h24c"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3796",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3796"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.1"
            }
          ],
          "source": {
            "advisory": "GHSA-wjqc-6w8f-h24c",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated XMP metadata streams can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48735",
        "datePublished": "2026-05-28T14:49:11.814Z",
        "dateReserved": "2026-05-22T19:10:35.746Z",
        "dateUpdated": "2026-06-02T14:57:31.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48156 (GCVE-0-2026-48156)

    Vulnerability from nvd – Published: 2026-05-28 14:50 – Updated: 2026-05-30 02:08
    Title
    pypdf: Possible long runtimes for zero-only width values in cross-reference streams
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-30T02:08:10.197722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-30T02:08:20.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:50:41.829Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-248m-82v9-q6g6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-248m-82v9-q6g6"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3791",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3791"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0"
            }
          ],
          "source": {
            "advisory": "GHSA-248m-82v9-q6g6",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible long runtimes for zero-only width values in cross-reference streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48156",
        "datePublished": "2026-05-28T14:50:41.829Z",
        "dateReserved": "2026-05-20T23:12:43.031Z",
        "dateUpdated": "2026-05-30T02:08:20.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48155 (GCVE-0-2026-48155)

    Vulnerability from nvd – Published: 2026-05-28 14:51 – Updated: 2026-05-28 15:57
    Title
    pypdf: Possible large memory usage for large offsets for layout mode text
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48155",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-28T15:57:44.616233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-28T15:57:54.367Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:51:49.411Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-cj93-chg6-vgv8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-cj93-chg6-vgv8"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3790",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3790"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0"
            }
          ],
          "source": {
            "advisory": "GHSA-cj93-chg6-vgv8",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible large memory usage for large offsets for layout mode text"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48155",
        "datePublished": "2026-05-28T14:51:49.411Z",
        "dateReserved": "2026-05-20T23:12:43.031Z",
        "dateUpdated": "2026-05-28T15:57:54.367Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41314 (GCVE-0-2026-41314)

    Vulnerability from nvd – Published: 2026-04-22 21:08 – Updated: 2026-04-23 14:21
    Title
    pypdf: Manipulated FlateDecode image dimensions can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41314",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T14:21:23.056055Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T14:21:47.589Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:08:14.700Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3734",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3734"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-x284-j5p8-9c5p",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated FlateDecode image dimensions can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41314",
        "datePublished": "2026-04-22T21:08:14.700Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T14:21:47.589Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41313 (GCVE-0-2026-41313)

    Vulnerability from nvd – Published: 2026-04-22 21:04 – Updated: 2026-04-23 16:24
    Title
    pypdf: Possible long runtimes for wrong size values in incremental mode
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41313",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:42:06.228654Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T16:24:39.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:04:59.877Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-4pxv-j86v-mhcw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-4pxv-j86v-mhcw"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3735",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3735"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/c50a0104cf083356f7c7f5d61410466a57f5c88a",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/c50a0104cf083356f7c7f5d61410466a57f5c88a"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-4pxv-j86v-mhcw",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible long runtimes for wrong size values in incremental mode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41313",
        "datePublished": "2026-04-22T21:04:59.877Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T16:24:39.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41312 (GCVE-0-2026-41312)

    Vulnerability from nvd – Published: 2026-04-22 21:02 – Updated: 2026-04-23 13:45
    Title
    pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41312",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:45:18.970091Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T13:45:30.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:04:22.958Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-7gw9-cf7v-778f",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-7gw9-cf7v-778f"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3734",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3734"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-7gw9-cf7v-778f",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41312",
        "datePublished": "2026-04-22T21:02:53.156Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T13:45:30.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41168 (GCVE-0-2026-41168)

    Vulnerability from nvd – Published: 2026-04-22 20:49 – Updated: 2026-04-23 16:24
    Title
    pypdf has possible long runtimes for wrong size values in cross-reference and object streams
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41168",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:41:24.058142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T16:24:48.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T20:49:10.401Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jj6c-8h6c-hppx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jj6c-8h6c-hppx"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3733",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3733"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/62338e9d36419cf193ccec7331784f45df1d70b3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/62338e9d36419cf193ccec7331784f45df1d70b3"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.1"
            }
          ],
          "source": {
            "advisory": "GHSA-jj6c-8h6c-hppx",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf has possible long runtimes for wrong size values in cross-reference and object streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41168",
        "datePublished": "2026-04-22T20:49:10.401Z",
        "dateReserved": "2026-04-17T16:34:45.525Z",
        "dateUpdated": "2026-04-23T16:24:48.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40260 (GCVE-0-2026-40260)

    Vulnerability from nvd – Published: 2026-04-16 23:18 – Updated: 2026-04-17 18:42
    Title
    pypdf: Manipulated XMP metadata entity declarations can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has been fixed in version 6.10.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-17T18:41:50.866889Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-17T18:42:05.059Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has been fixed in version 6.10.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-776",
                  "description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T23:18:26.687Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-3crg-w4f6-42mx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-3crg-w4f6-42mx"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3724",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3724"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/b15a374e5ca648d4878e57c3b2c0551e7f8cc7f8",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/b15a374e5ca648d4878e57c3b2c0551e7f8cc7f8"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.0"
            }
          ],
          "source": {
            "advisory": "GHSA-3crg-w4f6-42mx",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated XMP metadata entity declarations can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40260",
        "datePublished": "2026-04-16T23:18:26.687Z",
        "dateReserved": "2026-04-10T17:31:45.787Z",
        "dateUpdated": "2026-04-17T18:42:05.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33699 (GCVE-0-2026-33699)

    Vulnerability from nvd – Published: 2026-03-26 23:58 – Updated: 2026-03-27 19:59
    Title
    pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
    Summary
    pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.9.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33699",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T13:27:07.800115Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T19:59:39.751Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.9.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:58:42.776Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3693",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3693"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.9.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.9.2"
            }
          ],
          "source": {
            "advisory": "GHSA-87mj-5ggw-8qc3",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33699",
        "datePublished": "2026-03-26T23:58:42.776Z",
        "dateReserved": "2026-03-23T17:06:05.746Z",
        "dateUpdated": "2026-03-27T19:59:39.751Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-57204 (GCVE-0-2026-57204)

    Vulnerability from cvelistv5 – Published: 2026-06-30 21:59 – Updated: 2026-07-01 14:29
    Title
    pypdf: Missing stream length values ignore defined limits
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream without a /Length value. This issue has been fixed in version 6.13.3.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-57204",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-01T13:57:13.824803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T14:29:01.785Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes ignored. This requires parsing a content stream without a /Length value. This issue has been fixed in version 6.13.3."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T21:59:46.274Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jm82-fx9c-mx94",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jm82-fx9c-mx94"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.3"
            }
          ],
          "source": {
            "advisory": "GHSA-jm82-fx9c-mx94",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Missing stream length values ignore defined limits"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-57204",
        "datePublished": "2026-06-30T21:59:46.274Z",
        "dateReserved": "2026-06-24T02:00:46.801Z",
        "dateUpdated": "2026-07-01T14:29:01.785Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54651 (GCVE-0-2026-54651)

    Vulnerability from cvelistv5 – Published: 2026-06-22 20:28 – Updated: 2026-06-23 12:10
    Title
    pypdf: Possible infinite loop when processing threads/articles in writer
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54651",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T12:09:57.316922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T12:10:07.463Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:28:28.412Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-g9xf-7f8q-9mcj"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3839",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3839"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.1"
            }
          ],
          "source": {
            "advisory": "GHSA-g9xf-7f8q-9mcj",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when processing threads/articles in writer"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54651",
        "datePublished": "2026-06-22T20:28:28.412Z",
        "dateReserved": "2026-06-15T20:16:46.198Z",
        "dateUpdated": "2026-06-23T12:10:07.463Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49460 (GCVE-0-2026-49460)

    Vulnerability from cvelistv5 – Published: 2026-06-22 20:28 – Updated: 2026-06-23 15:54
    Title
    pypdf: Inefficient decoding of FlateDecode PNG predictor streams
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-407 - Inefficient Algorithmic Complexity
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49460",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:04:25.948226Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T15:54:39.908Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-407",
                  "description": "CWE-407: Inefficient Algorithmic Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:28:16.413Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-5hgr-hg42-57jg",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-5hgr-hg42-57jg"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3806",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3806"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2"
            }
          ],
          "source": {
            "advisory": "GHSA-5hgr-hg42-57jg",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Inefficient decoding of FlateDecode PNG predictor streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-49460",
        "datePublished": "2026-06-22T20:28:16.413Z",
        "dateReserved": "2026-05-30T02:43:33.107Z",
        "dateUpdated": "2026-06-23T15:54:39.908Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-49461 (GCVE-0-2026-49461)

    Vulnerability from cvelistv5 – Published: 2026-06-22 20:27 – Updated: 2026-06-23 15:54
    Title
    pypdf: Possible large memory usage for form XObjects during text extraction
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-49461",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T12:23:13.224222Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T15:54:54.860Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12.2."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:27:16.174Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-j543-4vmf-qm7v",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-j543-4vmf-qm7v"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3805",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3805"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.2"
            }
          ],
          "source": {
            "advisory": "GHSA-j543-4vmf-qm7v",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible large memory usage for form XObjects during text extraction"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-49461",
        "datePublished": "2026-06-22T20:27:16.174Z",
        "dateReserved": "2026-05-30T04:17:43.094Z",
        "dateUpdated": "2026-06-23T15:54:54.860Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54531 (GCVE-0-2026-54531)

    Vulnerability from cvelistv5 – Published: 2026-06-22 20:26 – Updated: 2026-06-23 16:11
    Title
    pypdf: Possible infinite loop when processing outlines/bookmarks in writer
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54531",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:17:27.850481Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T16:11:53.472Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:26:19.756Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-m2v9-299j-rv96",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-m2v9-299j-rv96"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3830",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3830"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0"
            }
          ],
          "source": {
            "advisory": "GHSA-m2v9-299j-rv96",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when processing outlines/bookmarks in writer"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54531",
        "datePublished": "2026-06-22T20:26:19.756Z",
        "dateReserved": "2026-06-15T18:40:01.651Z",
        "dateUpdated": "2026-06-23T16:11:53.472Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-54530 (GCVE-0-2026-54530)

    Vulnerability from cvelistv5 – Published: 2026-06-22 20:25 – Updated: 2026-06-23 16:11
    Title
    pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.13.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-54530",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-23T14:52:35.536228Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-23T16:11:37.526Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.13.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-22T20:25:29.305Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-52x6-gq3r-vpf4",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-52x6-gq3r-vpf4"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3830",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3830"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.13.0"
            }
          ],
          "source": {
            "advisory": "GHSA-52x6-gq3r-vpf4",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-54530",
        "datePublished": "2026-06-22T20:25:29.305Z",
        "dateReserved": "2026-06-15T18:40:01.651Z",
        "dateUpdated": "2026-06-23T16:11:37.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48155 (GCVE-0-2026-48155)

    Vulnerability from cvelistv5 – Published: 2026-05-28 14:51 – Updated: 2026-05-28 15:57
    Title
    pypdf: Possible large memory usage for large offsets for layout mode text
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48155",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-28T15:57:44.616233Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-28T15:57:54.367Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:51:49.411Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-cj93-chg6-vgv8",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-cj93-chg6-vgv8"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3790",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3790"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0"
            }
          ],
          "source": {
            "advisory": "GHSA-cj93-chg6-vgv8",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible large memory usage for large offsets for layout mode text"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48155",
        "datePublished": "2026-05-28T14:51:49.411Z",
        "dateReserved": "2026-05-20T23:12:43.031Z",
        "dateUpdated": "2026-05-28T15:57:54.367Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48156 (GCVE-0-2026-48156)

    Vulnerability from cvelistv5 – Published: 2026-05-28 14:50 – Updated: 2026-05-30 02:08
    Title
    pypdf: Possible long runtimes for zero-only width values in cross-reference streams
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-834 - Excessive Iteration
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-30T02:08:10.197722Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-30T02:08:20.806Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:50:41.829Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-248m-82v9-q6g6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-248m-82v9-q6g6"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3791",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3791"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.0"
            }
          ],
          "source": {
            "advisory": "GHSA-248m-82v9-q6g6",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible long runtimes for zero-only width values in cross-reference streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48156",
        "datePublished": "2026-05-28T14:50:41.829Z",
        "dateReserved": "2026-05-20T23:12:43.031Z",
        "dateUpdated": "2026-05-30T02:08:20.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48735 (GCVE-0-2026-48735)

    Vulnerability from cvelistv5 – Published: 2026-05-28 14:49 – Updated: 2026-06-02 14:57
    VLAI
    Title
    pypdf: Manipulated XMP metadata streams can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.12.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48735",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T14:56:55.997922Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T14:57:31.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.12.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-28T14:49:11.814Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjqc-6w8f-h24c",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjqc-6w8f-h24c"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3796",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3796"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.12.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.12.1"
            }
          ],
          "source": {
            "advisory": "GHSA-wjqc-6w8f-h24c",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated XMP metadata streams can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48735",
        "datePublished": "2026-05-28T14:49:11.814Z",
        "dateReserved": "2026-05-22T19:10:35.746Z",
        "dateUpdated": "2026-06-02T14:57:31.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41314 (GCVE-0-2026-41314)

    Vulnerability from cvelistv5 – Published: 2026-04-22 21:08 – Updated: 2026-04-23 14:21
    VLAI
    Title
    pypdf: Manipulated FlateDecode image dimensions can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41314",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T14:21:23.056055Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T14:21:47.589Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:08:14.700Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3734",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3734"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-x284-j5p8-9c5p",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated FlateDecode image dimensions can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41314",
        "datePublished": "2026-04-22T21:08:14.700Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T14:21:47.589Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41313 (GCVE-0-2026-41313)

    Vulnerability from cvelistv5 – Published: 2026-04-22 21:04 – Updated: 2026-04-23 16:24
    VLAI
    Title
    pypdf: Possible long runtimes for wrong size values in incremental mode
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41313",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:42:06.228654Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T16:24:39.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:04:59.877Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-4pxv-j86v-mhcw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-4pxv-j86v-mhcw"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3735",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3735"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/c50a0104cf083356f7c7f5d61410466a57f5c88a",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/c50a0104cf083356f7c7f5d61410466a57f5c88a"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-4pxv-j86v-mhcw",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible long runtimes for wrong size values in incremental mode"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41313",
        "datePublished": "2026-04-22T21:04:59.877Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T16:24:39.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41312 (GCVE-0-2026-41312)

    Vulnerability from cvelistv5 – Published: 2026-04-22 21:02 – Updated: 2026-04-23 13:45
    VLAI
    Title
    pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-789 - Memory Allocation with Excessive Size Value
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41312",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:45:18.970091Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T13:45:30.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-789",
                  "description": "CWE-789: Memory Allocation with Excessive Size Value",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T21:04:22.958Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-7gw9-cf7v-778f",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-7gw9-cf7v-778f"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3734",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3734"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"
            }
          ],
          "source": {
            "advisory": "GHSA-7gw9-cf7v-778f",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41312",
        "datePublished": "2026-04-22T21:02:53.156Z",
        "dateReserved": "2026-04-20T14:01:46.671Z",
        "dateUpdated": "2026-04-23T13:45:30.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41168 (GCVE-0-2026-41168)

    Vulnerability from cvelistv5 – Published: 2026-04-22 20:49 – Updated: 2026-04-23 16:24
    VLAI
    Title
    pypdf has possible long runtimes for wrong size values in cross-reference and object streams
    Summary
    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.1

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41168",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T13:41:24.058142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T16:24:48.712Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-834",
                  "description": "CWE-834: Excessive Iteration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-22T20:49:10.401Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jj6c-8h6c-hppx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-jj6c-8h6c-hppx"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3733",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3733"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/62338e9d36419cf193ccec7331784f45df1d70b3",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/62338e9d36419cf193ccec7331784f45df1d70b3"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.1",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.1"
            }
          ],
          "source": {
            "advisory": "GHSA-jj6c-8h6c-hppx",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf has possible long runtimes for wrong size values in cross-reference and object streams"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41168",
        "datePublished": "2026-04-22T20:49:10.401Z",
        "dateReserved": "2026-04-17T16:34:45.525Z",
        "dateUpdated": "2026-04-23T16:24:48.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40260 (GCVE-0-2026-40260)

    Vulnerability from cvelistv5 – Published: 2026-04-16 23:18 – Updated: 2026-04-17 18:42
    VLAI
    Title
    pypdf: Manipulated XMP metadata entity declarations can exhaust RAM
    Summary
    pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has been fixed in version 6.10.0.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.10.0

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-17T18:41:50.866889Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-17T18:42:05.059Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.10.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has been fixed in version 6.10.0."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-776",
                  "description": "CWE-776: Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-16T23:18:26.687Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-3crg-w4f6-42mx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-3crg-w4f6-42mx"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3724",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3724"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/commit/b15a374e5ca648d4878e57c3b2c0551e7f8cc7f8",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/commit/b15a374e5ca648d4878e57c3b2c0551e7f8cc7f8"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.0",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.0"
            }
          ],
          "source": {
            "advisory": "GHSA-3crg-w4f6-42mx",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Manipulated XMP metadata entity declarations can exhaust RAM"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-40260",
        "datePublished": "2026-04-16T23:18:26.687Z",
        "dateReserved": "2026-04-10T17:31:45.787Z",
        "dateUpdated": "2026-04-17T18:42:05.059Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-33699 (GCVE-0-2026-33699)

    Vulnerability from cvelistv5 – Published: 2026-03-26 23:58 – Updated: 2026-03-27 19:59
    VLAI
    Title
    pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream
    Summary
    pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    Impacted products
    Vendor Product Version
    py-pdf pypdf Affected: < 6.9.2

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-33699",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-27T13:27:07.800115Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-27T19:59:39.751Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pypdf",
              "vendor": "py-pdf",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 6.9.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-26T23:58:42.776Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-87mj-5ggw-8qc3"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/pull/3693",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/pull/3693"
            },
            {
              "name": "https://github.com/py-pdf/pypdf/releases/tag/6.9.2",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/py-pdf/pypdf/releases/tag/6.9.2"
            }
          ],
          "source": {
            "advisory": "GHSA-87mj-5ggw-8qc3",
            "discovery": "UNKNOWN"
          },
          "title": "pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-33699",
        "datePublished": "2026-03-26T23:58:42.776Z",
        "dateReserved": "2026-03-23T17:06:05.746Z",
        "dateUpdated": "2026-03-27T19:59:39.751Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }