CVE-2026-54651

A flaw was found in pypdf. An attacker can craft a malicious PDF file that, when merged with threads or articles into a writer, can lead to an an infinite loop. This vulnerability can result in a Denial of Service DoS condition, making the affected system unresponsive. Mitigation If PDF processin...

DEBIAN-CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...

CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...

CVE-2026-54651

CVE-2026-54651 affects the Python PDF library pypdf prior to version 6.13.1. The issue allows an attacker to craft a PDF that can trigger an infinite loop when merging a file with threads/articles into a writer, potentially impacting availability. The vulnerability is fixed in 6.13.1. Affected co...

CVE-2026-54531 pypdf: Possible infinite loop when processing outlines/bookmarks in writer

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...

CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...

Wrap-around Error

Overview Affected versions of this package are vulnerable to Wrap-around Error in ReentrantReadWriteLock that causes incorrect write locks. An attacker can cause a thread to incorrectly obtain a write lock without exclusivity by repeatedly acquiring the read lock 32,768 times, which overflows the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential hang occurred in nilfsdetachlogwriter. Syzbot reported a potential hang during nilfsdetachlogwriter called when nilfs2 unmounts the file system. Analysis revealed that this issue arises because nilfssegctorsyn...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixing the use-after-free bug of nswriter when remounting the filesystem. If a nilfs2 filesystem is downgraded to read-only due to metadata corruption on the disk, and it is remounted with read/write access, or if an...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fix for a use-after-free of the timer for the log writer thread This patch series, titled “nilfs2: Fix for log writer-related issues”, addresses three issues related to the nilfs2 log writer. These include a...

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

pypdf: Possible infinite loop when processing outlines/bookmarks in writer

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. Patches This has been fixed in pypdf==6.13.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3830...

PT-2026-49743

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.13.0 Description A flaw in the pure-python PDF library allows an attacker to craft a PDF that triggers an infinite loop. This occurs when merging a file containing outlines into a writer. Recommendations Update to...

EUVD-2025-210143

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55643

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

EUVD-2026-35883

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23;...

CVE-2026-40988

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23;...

PT-2026-48305

Name of the Vulnerable Software and Affected Versions Spring Security versions 5.7.0 through 5.7.23 Spring Security versions 5.8.0 through 5.8.25 Spring Security versions 6.3.0 through 6.3.16 Spring Security versions 6.4.0 through 6.4.16 Spring Security versions 6.5.0 through 6.5.10 Spring Securi...

Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...

GHSA-5X67-J5XG-C5GJ Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...