CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...

6.9CVSS0.00125EPSS

Exploits0References3

Cvelist•added 2 days ago•20 views

CVE-2026-54531 pypdf: Possible infinite loop when processing outlines/bookmarks in writer

6.9CVSS0.00125EPSS

Exploits0References3

CVE•added 2 days ago•9 views

CVE-2026-54531

CVE-2026-54531 affects the pypdf library. Vulnerability: when merging a file containing outlines/bookmarks into a writer, an attacker can craft a PDF that leads to an infinite loop. Affected product: pypdf (Python library for PDF manipulation); vulnerable condition occurs prior to version 6.13.0....

6.9CVSS5.8AI score0.00125EPSS

Exploits0References3

Snyk•added 2026/06/16 2:5 p.m.•6 views

Infinite loop

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Infinite loop via the processing outlines or bookmarks in writer. An attacker can cause the application to enter an infinite loop ...

6.9CVSS5.9AI score0.00125EPSS

Exploits0References2

Github Security Blog•added 2026/06/16 2:5 p.m.•11 views

pypdf: Possible infinite loop when processing outlines/bookmarks in writer

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. Patches This has been fixed in pypdf==6.13.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3830...

6.9CVSS5.3AI score0.00125EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/06/16 12:0 a.m.•10 views

PT-2026-49743

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.13.0 Description A flaw in the pure-python PDF library allows an attacker to craft a PDF that triggers an infinite loop. This occurs when merging a file containing outlines into a writer. Recommendations Update to...

6.9CVSS5.8AI score0.00125EPSS

Exploits0References6

Veracode•added 2026/02/28 5:14 a.m.•4 views

Infinite Loop

pypdf is vulnerable to Infinite Loop. The vulnerability is due to an attacker being able to craft a PDF which leads to an infinite loop, where accessing the children of a TreeObject, for example as part of outlines, can be exploited by attackers...

6.9CVSS5.1AI score0.00168EPSS

Exploits0References4Affected Software1

SUSE CVE•added 2026/02/24 12:24 a.m.•3 views

SUSE CVE-2026-27024

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the children of a TreeObject, for example as part of outlines. This vulnerability is fixed in 6.7.1...

5.5CVSS5.7AI score0.00168EPSS

Exploits0References3

Veracode•added 2026/02/21 5:6 a.m.•7 views

Infinite Loop

pypdf is vulnerable to Infinite Loop. The vulnerability is due to an infinite loop vulnerability that is present in versions prior to 6.6.2, where an attacker can craft a PDF which leads to an infinite loop by accessing the outlines/bookmarks...

5.1CVSS5.7AI score0.00388EPSS

Exploits2References4Affected Software1

OSV•added 2026/02/20 10:16 p.m.•2 views

DEBIAN-CVE-2026-27024

5.5CVSS5.3AI score0.00168EPSS

Exploits0References1

UbuntuCve•added 2026/02/20 10:16 p.m.•0 views

CVE-2026-27024

6.9CVSS5.8AI score0.00168EPSS

Exploits0References5

OSV•added 2026/02/20 10:16 p.m.•2 views

UBUNTU-CVE-2026-27024

6.9CVSS5.8AI score0.00168EPSS

Exploits0References6

Vulnrichment•added 2026/02/20 9:10 p.m.•0 views

CVE-2026-27024 pypdf has a possible infinite loop when processing TreeObject

6.9CVSS5.4AI score0.00168EPSS

Exploits0References4

Cvelist•added 2026/02/20 9:10 p.m.•21 views

CVE-2026-27024 pypdf has a possible infinite loop when processing TreeObject

6.9CVSS0.00168EPSS

Exploits0References4

CVE•added 2026/02/20 9:10 p.m.•18 views

CVE-2026-27024

CVE-2026-27024 affects the pypdf (pypdf2) library prior to 6.7.1. The vulnerability allows an attacker to craft a PDF that causes an infinite loop when processing TreeObject children (e.g., in outlines), resulting in a DoS. The issue is fixed in version 6.7.1; multiple connected advisories (openS...

6.9CVSS5.5AI score0.00168EPSS

Exploits0References4Affected Software1

Debian CVE•added 2026/02/20 9:10 p.m.•4 views

CVE-2026-27024

6.9CVSS5.3AI score0.00168EPSS

Exploits0

OSV•added 2026/02/20 9:10 p.m.•4 views

CVE-2026-27024 pypdf has a possible infinite loop when processing TreeObject

6.9CVSS5.5AI score0.00168EPSS

Exploits0References6

OSV•added 2026/02/18 10:40 p.m.•1 views

GHSA-996Q-PR4M-CVGQ pypdf has a possible infinite loop when processing TreeObject

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the children of a TreeObject, for example as part of outlines. Patches This has been fixed in pypdf==6.7.1. Workarounds If you cannot upgrade yet, consider applying the changes...

6.9CVSS5.8AI score0.00168EPSS

Exploits0References6

Github Security Blog•added 2026/02/18 10:40 p.m.•5 views

pypdf has a possible infinite loop when processing TreeObject

6.9CVSS5.5AI score0.00168EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/02/18 12:0 a.m.•3 views

PT-2026-21301

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.7.1 Description A crafted PDF file can cause an infinite loop when accessing the children of a TreeObject, such as during outline processing. This issue affects the pypdf library, a free and open-source pure-python PD...

6.9CVSS5.2AI score0.00168EPSS

Exploits0References38

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by