Package impact
PIP / pillow
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42310 | medium | 5.5 | 5.5 | 21d ago | Pillow has a PDF Parsing Trailer Infinite Loop (DoS) | |||
| CVE-2026-42308 | medium | 5.5 | 5.5 | 21d ago | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer… | |||
| CVE-2026-42309 | medium | 5.5 | 5.5 | 25d ago | Pillow has a heap buffer overflow with nested list coordinates |