Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

Tenable Nessus
Tenable Nessusadded 2026/05/26 12:0 a.m.8 views

openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20794-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20794-1 advisory. Changes in python-PyPDF2: - CVE-2026-41312: Fixed issue where crafed PDF can lead to resources exhaustion bsc1262675 - CVE-2026-41314: Fixed a...

6.9CVSS5.9AI score0.00052EPSS
Exploits0References9
SUSE CVE
SUSE CVEadded 2026/04/24 1:28 a.m.2 views

SUSE CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

4.8CVSS5.6AI score0.00025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/23 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-41314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to...

6.5CVSS5.7AI score0.00025EPSS
Exploits0References3
NVD
NVDadded 2026/04/22 10:16 p.m.0 views

CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

6.5CVSS0.00025EPSS
Exploits0References4
OSV
OSVadded 2026/04/22 10:16 p.m.2 views

DEBIAN-CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

6.5CVSS5.3AI score0.00025EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/22 9:8 p.m.4 views

CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00025EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/22 9:8 p.m.2 views

EUVD-2026-25116

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00025EPSS
Exploits0References4
CVE
CVEadded 2026/04/22 9:8 p.m.6 views

CVE-2026-41314

CVE-2026-41314 (pypdf) affects versions prior to 6.10.2 of the Python PDF library. An attacker can craft a PDF using a /FlateDecode image with large size values, causing RAM exhaustion. Impact is local, with memory impact (RAM) and potential denial of service. The issue is fixed in pypdf 6.10.2; ...

6.5CVSS5.6AI score0.00025EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/04/22 9:2 p.m.2 views

EUVD-2026-25112

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

4.8CVSS5.6AI score0.00025EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/22 9:2 p.m.0 views

CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

4.8CVSS5.6AI score0.00025EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2026/03/20 8:44 p.m.2 views

GHSA-VRQM-GVQ7-RRWH PDFME Affected by Decompression Bomb in FlateDecode Stream Parsing Causes Memory Exhaustion DoS

Summary The DecodeStream.ensureBuffer method in @pdfme/pdf-lib doubles its internal buffer without any upper bound on the decompressed size. A crafted PDF containing a FlateDecode stream with a high compression ratio decompression bomb causes unbounded memory allocation during stream decoding,...

6.5CVSS6AI score
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/03/20 8:44 p.m.2 views

PDFME Affected by Decompression Bomb in FlateDecode Stream Parsing Causes Memory Exhaustion DoS

Summary The DecodeStream.ensureBuffer method in @pdfme/pdf-lib doubles its internal buffer without any upper bound on the decompressed size. A crafted PDF containing a FlateDecode stream with a high compression ratio decompression bomb causes unbounded memory allocation during stream decoding,...

6AI score
Exploits0References2Affected Software1
Packet Storm
Packet Stormadded 2026/03/06 12:0 a.m.132 views

📄 pypdf Memory Exhaustion / Denial of Service

pypdf versions prior to 6.7.3 were vulnerable to a denial of service condition caused by uncontrolled memory allocation during decompression of XFA streams. An attacker could craft a malicious PDF file containing a highly compressed stream using /FlateDecode...

8.7CVSS5.8AI score0.00055EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2026/03/03 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2026-27888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being...

8.7CVSS7.2AI score0.00055EPSS
Exploits1References3
Veracode
Veracodeadded 2026/02/28 5:13 a.m.1 views

Denial Of Service (DoS)

pypdf is vulnerable to Denial Of Service DoS. The vulnerability is due to manipulated FlateDecode XFA streams, where an attacker can craft a PDF that leads to RAM exhaustion by accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

8.7CVSS5.8AI score0.00055EPSS
Exploits1References4Affected Software1
EUVD
EUVDadded 2026/02/26 7:55 p.m.2 views

EUVD-2026-8791

pypdf: Manipulated FlateDecode XFA streams can exhaust RAM...

8.7CVSS5.2AI score0.00055EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/02/26 2:58 p.m.2 views

CVE-2026-27888

A flaw was found in pypdf. A remote attacker can exploit this vulnerability by crafting a malicious PDF document. When a user processes this specially crafted PDF, it can lead to excessive memory consumption, resulting in a Denial of Service DoS for the affected system. This issue specifically...

8.7CVSS5.6AI score0.00055EPSS
Exploits1References7
OSV
OSVadded 2026/02/26 1:16 a.m.2 views

DEBIAN-CVE-2026-27888

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

7.5CVSS8.1AI score0.00055EPSS
Exploits1References1
OSV
OSVadded 2026/02/26 1:16 a.m.0 views

UBUNTU-CVE-2026-27888

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

8.7CVSS5.7AI score0.00055EPSS
Exploits1References6
Debian CVE
Debian CVEadded 2026/02/26 12:42 a.m.4 views

CVE-2026-27888

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the xfa property of a reader or writer and the corresponding stream being compressed using /FlateDecode...

8.7CVSS8.1AI score0.00055EPSS
Exploits1
Rows per page
Query Builder