Lucene search
+L

7 matches found

Vulnrichment
Vulnrichment
added 2026/07/02 7:42 p.m.8 views

CVE-2026-59097 Taiga < 6.10.2 - Unauthorized Due-Date Creation via API Viewsets

Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create default due-date records in any project by exploiting unprotected POST endpoints on the user-story, task, and issue due-date API viewsets. Attackers can supply an arbitrary...

6.9CVSS6.2AI score0.00344EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.7 views

SUSE CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 10:16 p.m.35 views

CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

6.5CVSS0.00226EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 10:16 p.m.6 views

DEBIAN-CVE-2026-41312

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

6.5CVSS5.3AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/22 9:4 p.m.29 views

CVE-2026-41313 pypdf: Possible long runtimes for wrong size values in incremental mode

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...

4.8CVSS0.00214EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/22 9:4 p.m.32 views

CVE-2026-41313

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...

6.5CVSS5.3AI score0.00214EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/22 9:2 p.m.6 views

CVE-2026-41312 pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References4
Rows per page
Query Builder