CVE-2026-48155
- EPSS 0.13%
- Veröffentlicht 28.05.2026 14:51:49
- Zuletzt bearbeitet 29.05.2026 19:38:41
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulne...
CVE-2026-48156
- EPSS 0.12%
- Veröffentlicht 28.05.2026 14:50:41
- Zuletzt bearbeitet 29.05.2026 19:38:49
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This ...
CVE-2026-48735
- EPSS 0.13%
- Veröffentlicht 28.05.2026 14:49:11
- Zuletzt bearbeitet 29.05.2026 19:38:59
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements....
CVE-2026-41314
- EPSS 0.23%
- Veröffentlicht 22.04.2026 21:08:14
- Zuletzt bearbeitet 27.04.2026 19:29:40
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large...
CVE-2026-41313
- EPSS 0.21%
- Veröffentlicht 22.04.2026 21:04:59
- Zuletzt bearbeitet 27.04.2026 19:30:37
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremen...
CVE-2026-41312
- EPSS 0.23%
- Veröffentlicht 22.04.2026 21:02:53
- Zuletzt bearbeitet 27.04.2026 19:31:03
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode`...
CVE-2026-41168
- EPSS 0.3%
- Veröffentlicht 22.04.2026 20:49:10
- Zuletzt bearbeitet 24.04.2026 13:07:24
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or o...
CVE-2026-40260
- EPSS 0.42%
- Veröffentlicht 16.04.2026 23:18:26
- Zuletzt bearbeitet 22.04.2026 20:16:03
pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This re...
CVE-2026-33699
- EPSS 0.46%
- Veröffentlicht 26.03.2026 23:58:42
- Zuletzt bearbeitet 01.04.2026 16:01:35
pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf ...
CVE-2026-33123
- EPSS 0.35%
- Veröffentlicht 20.03.2026 09:09:12
- Zuletzt bearbeitet 23.03.2026 15:48:01
pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entrie...