21 matches found
ROOT-APP-PYPI-CVE-2026-27024 CVE-2026-27024 in rootio-pypdf - Patched by Root
Root has patched CVE-2026-27024 in the rootio-pypdf package for Root:PyPI. Multiple fixed versions available...
python311-PyPDF2-2.11.1-4.1 on GA media (moderate)
python311-PyPDF2-2.11.1-4.1 on GA media Announcement ID: openSUSE-SU-2026:10238-1 Rating: moderate Cross-References: CVE-2025-55197 CVE-2026-27024 CVE-2026-27025 CVE-2026-27026 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These...
Linux Distros Unpatched Vulnerability : CVE-2026-27024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop...
CVE-2026-27024
A flaw was found in pypdf. An attacker can craft a malicious PDF file that, when processed, leads to an infinite loop. This occurs when accessing specific elements within the PDF structure, such as the children of a TreeObject, which can be part of outlines. This vulnerability results in a Denial...
CVE-2026-27024
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the children of a TreeObject, for example as part of outlines. This vulnerability is fixed in 6.7.1...
CVE-2026-27024 vulnerabilities
Vulnerabilities for packages: open-webui...
CVE-2026-27024 vulnerabilities
Vulnerabilities for packages: open-webui...
01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +1823 more potentially affected by CVE-2026-27024 via pypdf (>=6.0.0 <=6.7.0)
pypdf PYPI version =6.0.0, =0.0.5, =0.1.0, =0.4.1, =0.2.5, =0.0.2, =0.2.0, =1.2.27, =0.1.0, =1.2.32, =0.2.5, =1.0.0, =0.1.1, =0.4.6 - adstoolbox =2025.12.2.2 and more Source cves: CVE-2026-27024 Source advisory: SNYK:PYTHON-PYPDF-15309440...
EUVD-2022-27024
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-27024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr(). CVE-2024-27024 Note that Ness...
CVE-2025-27024
creationtimestamp | type | source
---|---|---
2025-07-02 12:47:33+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114783712216991743
2025-07-02 13:47:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsydzm7zd72m...
CVE-2025-27024
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...
CVE-2025-27024 Improper File Access in Infinera G42
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...
CVE-2025-27024 Improper File Access in Infinera G42
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used f...
CVE-2025-27024
CVE-2025-27024 affects Infinera G42, version R6.1.3. The vulnerability arises from improper access control in the SFTP service, allowing remote authenticated users (Network Administrator profile) to read and write OS files outside the chroot, using the same credentials as SSH CLI. Impact is confi...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-089)
The version of kernel installed on the remote host is prior to 5.4.272-185.370. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-089 advisory. 2025-01-21: CVE-2024-26851 was added to this advisory. 2025-01-21: CVE-2024-27024 was added to this...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-082)
The version of kernel installed on the remote host is prior to 5.4.272-185.370. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-082 advisory. In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Register VF in netvsc_probe i...
USN-6821-4: Linux kernel (Azure) vulnerabilities
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac...
CVE-2021-27024
creationtimestamp | type | source
---|---|---
2021-11-18 18:16:00+00:00 | seen | https://t.me/cibsecurity/32623...
CVE-2021-27024
CVE-2021-27024 affects Puppet’s Continuous Delivery for Puppet Enterprise (CD4PE). A flaw allows a user with lower privileges to access a Puppet Enterprise API token. The issue is mitigated by CD4PE version 4.10.0. The available sources describe the vulnerability and its fix but do not provide ex...