6 matches found

Veracode
added 2026/03/14 5:28 a.m. | 21 views

Denial Of Service (DoS)

pypdf is vulnerable to Denial Of Service. The vulnerability is due to parsing a PDF content stream with an inflated Length value, where the parser allocates memory based on the declared length without verifying the actual data size, and an attacker can craft a PDF with a large /Length field to...

CVSS 6.8 | AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2026/03/10 9:36 p.m. | 23 views

CVE-2026-31826 pypdf: manipulated stream length values can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. Thi...

CVSS 6.8 | EPSS 0.00172
Exploits: 0 | References: 3

Vulnrichment
added 2026/03/10 9:36 p.m. | 1 views

CVE-2026-31826 pypdf: manipulated stream length values can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. Thi...

CVSS 6.8 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 3

CVE
added 2025/11/25 11:38 p.m. | 14 views

CVE-2025-66019

CVE-2025-66019 affects the Python PDF library pypdf up to version 6.3.x. Reporter data from multiple sources state that parsing a page content stream using the LZWDecode filter can cause memory usage to balloon to as much as 1 GB per stream, leading to potential denial of service on affected pars...

CVSS 8.7 | AI score 6.4 | EPSS 0.00301
Exploits: 0 | References: 4

Vulnrichment
added 2025/10/22 9:36 p.m. | 3 views

CVE-2025-62708 pypdf manipulated LZWDecode streams can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3...

CVSS 8.7 | AI score 6.5 | EPSS 0.00402
Exploits: 0 | References: 4

Binamuse
added 2014/09/18 6:31 p.m. | 685 views

CoreGraphics Information Disclosure - CVE-2014-4378

This article explores the exploitability of MobileSafari on iOS 7.1.x. Using a crafted PDF file as an HTML image makes it possible to leak information about the memory layout to the browser JavaScript interpreter. Apple CoreGraphics library fails to validate input when parsing the colorspace...

CVSS 5.8 | AI score 7.9 | EPSS 0.04983
Exploits: 0