Lucene search
K

1910 matches found

SUSE CVE
SUSE CVE
added 2026/05/30 1:59 a.m.13 views

SUSE CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References3
NVD
NVD
added 2026/05/29 8:16 p.m.16 views

CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

7.5CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 8:16 p.m.11 views

DEBIAN-CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

7.5CVSS6AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 7:55 p.m.12 views

EUVD-2026-33442

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

6.5CVSS5.9AI score0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:55 p.m.9 views

CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

6.5CVSS5.9AI score0.00278EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/29 7:55 p.m.12 views

CVE-2026-45149

The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like 1..10000000, the sequence generation loop generates all 10 million intermediate...

7.5CVSS5.9AI score0.00278EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 7:42 p.m.35 views

CVE-2026-42400 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service

Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization checks, causing excessive memory and CPU resource consumptio...

6.5CVSS0.00296EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/28 6:24 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the W3CBaggagePropagator function. An attacker can cause excessive memory allocation and CPU consumption by sending oversized baggage data, which is automatically re-injected into...

8.7CVSS5.3AI score0.00686EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 4:37 p.m.11 views

EUVD-2026-32953

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

5.3CVSS5.8AI score0.00686EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 4:16 p.m.12 views

CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

6.9CVSS0.0013EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 4:16 p.m.10 views

DEBIAN-CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 4:16 p.m.28 views

CVE-2026-48155

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

5.5CVSS0.00127EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 4:16 p.m.9 views

DEBIAN-CVE-2026-48155

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

UBUNTU-CVE-2026-48155

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 2:51 p.m.33 views

CVE-2026-48155

The CVE concerns the pypdf Python PDF library. Before version 6.12.0, an attacker could craft a PDF that triggers large memory usage when extracting text in layout mode with very large character offsets. This memory impact is the stated vulnerability; mitigation is updating to 6.12.0 where the is...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/28 2:51 p.m.32 views

CVE-2026-48155 pypdf: Possible large memory usage for large offsets for layout mode text

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

4.8CVSS0.00127EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/28 2:51 p.m.13 views

CVE-2026-48155 pypdf: Possible large memory usage for large offsets for layout mode text

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

4.8CVSS5.8AI score0.00127EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:51 p.m.8 views

CVE-2026-48155

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

4.8CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 2:51 p.m.11 views

CVE-2026-48155

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...

5.5CVSS5.8AI score0.00127EPSS
Exploits0
CVE
CVE
added 2026/05/28 2:49 p.m.38 views

CVE-2026-48735

The CVE affects the Python PDF library pypdf prior to version 6.12.1, where parsing large XMP metadata can cause excessive memory usage. Root cause is processing crafted or verbose XMP metadata that expands memory footprint. Impact stated: high impact on availability due to memory exhaustion; con...

6.9CVSS5.8AI score0.0013EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder