Lucene search
K

155 matches found

CVE
CVE
added 5 days ago12 views

CVE-2026-59935

The CVE affects the Python PDF library pypdf prior to 6.14.2, where a crafted PDF page content stream with an inline image not terminated and using ASCII85/ASCIIHex filters can cause an infinite loop during parsing (e.g., text extraction). This may impact availability (as per CVSS) with no confid...

8.7CVSS6AI score0.00352EPSS
Exploits0References4Affected Software1
CVE
CVE
added 5 days ago8 views

CVE-2026-59937

CVE-2026-59937 affects the Python PDF library pypdf prior to 6.14.0. A crafted PDF with repeated malformed cross-reference streams can cause pypdf to spend long runtimes recovering broken cross-reference table entries, resulting in high impact on availability. The issue is fixed in version 6.14.0...

7.5CVSS6AI score0.00345EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-56528

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.0 Description An attacker can craft a PDF file with declared image size values that are significantly larger than the actual data. This leads to excessive memory consumption during the image parsing process within...

6.9CVSS6AI score0.00303EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.8 views

CVE-2026-54651

A flaw was found in pypdf. An attacker can craft a malicious PDF file that, when merged with threads or articles into a writer, can lead to an an infinite loop. This vulnerability can result in a Denial of Service DoS condition, making the affected system unresponsive. Mitigation If PDF processin...

6.9CVSS5.8AI score0.00111EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in pypdf2

pypdf is a free and open-source Python-based PDF library. Prior to version 6.7.2, an attacker who exploited this vulnerability could create a PDF that would lead to an infinite loop. This required reading the file. This issue has been fixed in pypdf 6.7.2. As a workaround, one can manually apply...

7.5CVSS6.6AI score0.00346EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.12 views

CVE-2026-49461

A flaw was found in pypdf. An attacker can craft a malicious PDF document containing a form XObject with self-references. When a user attempts to extract text from a page within this crafted PDF, it can lead to excessive memory consumption. This vulnerability may result in a Denial of Service DoS...

6.9CVSS5.7AI score0.00123EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-54531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loo...

6.9CVSS6AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-49461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory...

6.9CVSS6AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-54530

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loo...

6.9CVSS6AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 9:16 p.m.18 views

CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...

6.9CVSS0.00111EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 9:16 p.m.4 views

UBUNTU-CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:28 p.m.3 views

CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...

6.9CVSS5.8AI score0.00111EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/22 8:28 p.m.34 views

CVE-2026-54651

CVE-2026-54651 affects the Python PDF library pypdf prior to version 6.13.1. The issue allows an attacker to craft a PDF that can trigger an infinite loop when merging a file with threads/articles into a writer, potentially impacting availability. The vulnerability is fixed in 6.13.1. Affected co...

6.9CVSS5.8AI score0.00111EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/06/16 1:47 p.m.9 views

Allocation of Resources Without Limits or Throttling

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the text extraction when handling form XObjects with self-references. An...

6.9CVSS5.9AI score0.00123EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 10:57 a.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.11.0 Vulnerability Details CVEID:CVE-2026-42577 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fail...

9.8CVSS7AI score0.00745EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 3:16 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pypdf-6.7.3-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in pypdf-6.7.3-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-28804 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which...

6.9CVSS5.3AI score0.00399EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/28 4:50 p.m.7 views

5mghost-rover (>=0.0.1 <=0.0.3), ace-framework (>=0.6.0 <=0.7.3) +98 more potentially affected by CVE-2026-48155 via pypdf (>=6.0.0 <=6.11.0)

pypdf PYPI version =6.0.0, =0.0.1, =0.6.0, =0.1.0, =0.0.2, =0.1.0, =0.0.24, =1.45.0, =0.1.2, =0.0.1.dev0, =0.0.1, =0.0.2, =0.0.5 - autopattern =0.2.0 and more Source cves: CVE-2026-48155 Source advisory: SNYK:PYTHON-PYPDF-17054919...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/28 4:48 p.m.8 views

5mghost-rover (>=0.0.1 <=0.0.3), ace-framework (>=0.6.0 <=0.7.3) +98 more potentially affected by CVE-2026-48735 via pypdf (>=6.0.0 <=6.11.0)

pypdf PYPI version =6.0.0, =0.0.1, =0.6.0, =0.1.0, =0.0.2, =0.1.0, =0.0.24, =1.45.0, =0.1.2, =0.0.1.dev0, =0.0.1, =0.0.2, =0.0.5 - autopattern =0.2.0 and more Source cves: CVE-2026-48735 Source advisory: SNYK:PYTHON-PYPDF-17054918...

6.9CVSS5.7AI score0.0013EPSS
Exploits0
Snyk
Snyk
added 2026/05/28 4:48 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the parsing process. An attacker can cause excessive memory consumption b...

6.9CVSS5.8AI score0.0013EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:49 p.m.12 views

CVE-2026-48735

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1...

6.9CVSS5.8AI score0.0013EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder