Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-40260

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has...

6.9CVSS5.3AI score0.00423EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 10:45 a.m.10 views

ROOT-APP-PYPI-CVE-2026-40260 CVE-2026-40260 in rootio-pypdf - Patched by Root

Root has patched CVE-2026-40260 in the rootio-pypdf package for Root:PyPI. Multiple fixed versions available...

6.9CVSS5.8AI score0.00423EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/29 8:1 p.m.15 views

CVE-2026-40260 vulnerabilities

Vulnerabilities for packages: open-webui...

6.9CVSS5AI score0.00423EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.6 views

openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20598-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20598-1 advisory. Changes in python-PyPDF2: - CVE-2026-40260: crafted PDF can lead to large memory usage bsc1262284 Tenable has extracted the preceding description block...

6.9CVSS5.8AI score0.00423EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/22 12:0 a.m.11 views

Security update for python-PyPDF2 (moderate)

openSUSE security update: security update for python-pypdf2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20598-1 Rating: moderate References: bsc1262284 Cross-References: CVE-2026-40260 Affected Products: openSUSE Leap 16.0...

6.9CVSS5.7AI score0.00423EPSS
Exploits0References1
Chainguard
Chainguard
added 2026/04/18 1:17 a.m.10 views

CVE-2026-40260 vulnerabilities

Vulnerabilities for packages: nemo, open-webui, litellm...

6.9CVSS6.1AI score0.00423EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/17 12:0 a.m.5 views

CVE-2026-40260

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has...

6.9CVSS5.8AI score0.00423EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/04/10 8:59 p.m.5 views

aiagents4pharma (>=1.45.0 <=1.48.1), aiagents4pharma-ansh (=0.0.0) +17 more potentially affected by CVE-2026-40260 via pypdf (=6.0.0)

pypdf PYPI version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypdf and may be impacted: - aiagents4pharma =1.45.0, =1759155233.0.0, =0.3.0, =4.7.6, =1.0.0, =0.6.27, =0.0.1, =2025.7.0, =0.1.0, =0.4.1 and more Source cves: CVE-2026-40260...

6.9CVSS5.4AI score0.00423EPSS
Exploits0
Rows per page
Query Builder