Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

SUSE CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

Linux Distros Unpatched Vulnerability : CVE-2026-7233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component...

CVE-2026-7233

A flaw was found in Artifex MuPDF, specifically within its CFF Index Handler component. A local user could exploit an out-of-bounds read vulnerability in the fzsubsetcffforgids function. This could allow an attacker to read sensitive information from memory, potentially leading to information...

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

UBUNTU-CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

EUVD-2026-26000

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

CVE-2026-7233

Technical details about CVE-2026-7233 are not publicly available in the provided documents; monitor for updates.

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

Artifex Software MuPDF 缓冲区错误漏洞

Artifex Software MuPDF is a free and lightweight PDF reader developed by Artifex Software in the United States. Versions of Artifex Software MuPDF 1.28.0 and earlier contain a buffer error vulnerability. This vulnerability stems from the fzsubsetcffforgids function in the CFF Index Handler...

Fedora 44 : mupdf (2026-0ebdbc98c5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0ebdbc98c5 advisory. fix CVE-2026-3308 rhbz2454361 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

PT-2026-35671

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz subset cff for gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicl...

[SECURITY] Fedora 44 Update: mupdf-1.27.1-10.fc44

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

[SECURITY] [DLA 4540-1] mupdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4540-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 21, 2026 https://wiki.debian.org/LTS -...

Debian dla-4540 : libmupdf-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4540 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4540-1 [email protected] https://www.debian.org/lts/security/...

Debian dsa-6218 : libmupdf-dev - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6218 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6218-1 [email protected] https://www.debian.org/security/...

[SECURITY] [DSA 6218-1] mupdf security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6218-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2026 https://www.debian.org/security/faq -...