CVE-2026-31826
- EPSS 0.17%
- Veröffentlicht 10.03.2026 21:36:52
- Zuletzt bearbeitet 17.03.2026 20:52:08
pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless o...
CVE-2026-28804
- EPSS 0.4%
- Veröffentlicht 06.03.2026 06:46:28
- Zuletzt bearbeitet 10.03.2026 19:39:37
pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue ...
CVE-2026-28351
- EPSS 0.42%
- Veröffentlicht 27.02.2026 20:59:16
- Zuletzt bearbeitet 03.03.2026 18:36:06
pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. Thi...
CVE-2026-27888
- EPSS 0.35%
- Veröffentlicht 26.02.2026 00:42:00
- Zuletzt bearbeitet 27.02.2026 17:26:35
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the correspo...
CVE-2026-27628
- EPSS 0.35%
- Veröffentlicht 25.02.2026 03:16:06
- Zuletzt bearbeitet 27.02.2026 20:21:38
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2. As a workaround, one...
CVE-2026-27026
- EPSS 0.17%
- Veröffentlicht 20.02.2026 21:12:33
- Zuletzt bearbeitet 24.02.2026 15:13:39
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires a malformed /FlateDecode stream, where the byte-by-byte decompression is used...
CVE-2026-27025
- EPSS 0.17%
- Veröffentlicht 20.02.2026 21:11:20
- Zuletzt bearbeitet 24.02.2026 15:16:48
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes and large memory consumption. This requires parsing the /ToUnicode entry of a font with unus...
CVE-2026-27024
- EPSS 0.17%
- Veröffentlicht 20.02.2026 21:10:07
- Zuletzt bearbeitet 24.02.2026 15:19:23
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the children of a TreeObject, for example as part of outlines. T...
CVE-2026-24688
- EPSS 0.39%
- Veröffentlicht 27.01.2026 19:44:06
- Zuletzt bearbeitet 25.02.2026 17:40:23
pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. T...
CVE-2026-22691
- EPSS 0.39%
- Veröffentlicht 10.01.2026 04:46:12
- Zuletzt bearbeitet 22.01.2026 15:01:05
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for invalid start...