SUSE CVE-2026-27024

🗓️ 24 Feb 2026 00:24:14Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

CVE-2026-27024 in pypdf prior to 6.7.1 allows crafted PDFs to cause infinite loops via TreeObject.

Reporter	Title	Published	Views	Family All 33
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pypdf-6.6.2-py3-none-any.whl	18 May 202619:32	–	ibm
Chainguard	CVE-2026-27024 vulnerabilities	20 Feb 202619:17	–	cgr
CNNVD	pypdf 安全漏洞	20 Feb 202600:00	–	cnnvd
CVE	CVE-2026-27024	20 Feb 202621:10	–	cve
Cvelist	CVE-2026-27024 pypdf has a possible infinite loop when processing TreeObject	20 Feb 202621:10	–	cvelist
Debian CVE	CVE-2026-27024	20 Feb 202621:10	–	debiancve
Github Security Blog	pypdf has a possible infinite loop when processing TreeObject	18 Feb 202622:40	–	github
NVD	CVE-2026-27024	20 Feb 202622:16	–	nvd
Tenable Nessus	openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20333-1)	8 Mar 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-27024	21 Feb 202600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	python311-pypdf2	2.11.1-4.1	python311-PyPDF2-2.11.1-4.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python311-pypdf	6.7.5-1.1	python311-pypdf-6.7.5-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python312-pypdf2	2.11.1-4.1	python312-PyPDF2-2.11.1-4.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python313-pypdf2	2.11.1-4.1	python313-PyPDF2-2.11.1-4.1.noarch.rpm
OpenSUSE Leap	16.0	any	python313-pypdf2	2.11.1-bp160.2.1	python313-PyPDF2-2.11.1-bp160.2.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	python313-pypdf	6.7.5-1.1	python313-pypdf-6.7.5-1.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2026-27024
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1258691

08 Mar 2026 00:24Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.5

EPSS0.00006

vulnerability 2026 pypdf library infinite loop tree object outlines access