57 matches found
SUSE CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505
A flaw was found in MuPDF mutool. This vulnerability allows a local attacker to embed malicious ANSI escape sequences within a PDF's metadata. When a user views the PDF's information using the mutool info command, these unsanitized sequences are processed by the terminal. This can lead to the...
EUVD-2026-23147
MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when...
CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
UBUNTU-CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505 MuPDF < 1.27 mutool ANSI Injection via Metadata
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505
MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to terminal output when running...
CVE-2026-40505 MuPDF mutool ANSI Injection via Metadata
MuPDF mutool does not sanitize PDF metadata fields before writing them to terminal output, allowing attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata. Attackers can embed malicious ANSI escape codes in PDF metadata that are passed unsanitized to the terminal when...
CVE-2026-40505
Technical details (affected product versions, root-cause specifics, and remediation steps) are not publicly provided in the supplied documents. The sources reiterate a MuPDF mutool PDF-metadata sanitization issue but do not include concrete technical specifics.
Linux Distros Unpatched Vulnerability : CVE-2026-40505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadat...
Advisory ROSA-SA-2026-3120
software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...
Advisory ROSA-SA-2026-3119
software: mupdf 1.26.10 WASP: ROSA-CHROME unaffected versions = mupdf-1.26.10-1 affected versions mupdf-1.26.10-1 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation ...
Astra Linux – Vulnerability in mupdf
A issue in Artifex mupdf 1.25.6 and 1.25.5 allows a remote attacker to cause a denial of service due to infinite recursion in the mutool clean utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the stripoutline function enters infinite recursi...
EUVD-2018-11461
Malware in sbrugna...
EUVD-2025-23520
Malicious code in bioql PyPI...
ROS-20250905-11
A vulnerability in the MuPDF PDF viewer is related to infinite recursion in the mutool utility clean. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...
Linux Distros Unpatched Vulnerability : CVE-2021-37220
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, fo...