CVE-2026-33123

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1...

CVE-2026-33123

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1...

PT-2026-26191

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.9.1 Description pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to create a malicious PDF that can cause prolonged runtimes and/or significant memory usage...

GHSA-8GWC-X7MG-7P7P Apache XML Security For Java vulnerable to Infinite Loop

Affected versions of xmlsec are subject to a denial of service vulnerability. Should a user check the signature of a message larger than 512 MB, the method expandSizeint newPos of class org.apache.xml.security.utils.UnsyncByteArrayOutputStream goes in an endless loop. A remote attacker could use...