VIR Vulnerability Intelligence Relay

Package impact

python PyPI / pypdf

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-41314 medium 6.5 6.5 1mo ago pypdf: Manipulated FlateDecode image dimensions can exhaust RAM debianpython
CVE-2026-41313 medium 6.5 6.5 1mo ago pypdf: Possible long runtimes for wrong size values in incremental mode debianpython
CVE-2026-41312 medium 6.5 6.5 1mo ago pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM debianpython
CVE-2026-41168 unknown 1mo ago pypdf has long runtimes for wrong size values in cross-reference and object streams debianpython
CVE-2026-40260 unknown 2mo ago pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can cra… debianpython
CVE-2026-33699 unknown 2mo ago pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream susedebianpython
CVE-2026-33123 unknown 2mo ago pypdf has inefficient decoding of array-based streams debianpython
CVE-2026-31826 unknown 3mo ago pypdf: manipulated stream length values can exhaust RAM debianpython
CVE-2026-28804 unknown 3mo ago pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams susedebianpython
CVE-2026-28351 unknown 3mo ago pypdf: Manipulated RunLengthDecode streams can exhaust RAM debianpython
CVE-2026-27888 unknown 3mo ago pypdf: Manipulated FlateDecode XFA streams can exhaust RAM susedebianpython
CVE-2026-27628 unknown 3mo ago pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This … debianpython
CVE-2026-27026 unknown 3mo ago pypdf possibly has long runtimes for malformed FlateDecode streams debianpython
CVE-2026-27025 unknown 3mo ago pypdf has possible long runtimes/large memory usage for large /ToUnicode streams debianpython
CVE-2026-27024 unknown 3mo ago pypdf has a possible infinite loop when processing TreeObject debianpython
CVE-2026-24688 unknown 4mo ago pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop… debianpython
CVE-2026-22691 unknown 5mo ago pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF whic… debianpython
CVE-2026-22690 unknown 5mo ago pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerabi… debianpython
CVE-2025-66019 unknown 6mo ago pypdf's LZWDecode streams be manipulated to exhaust RAM susedebianpython
CVE-2025-62708 unknown 7mo ago pypdf can exhaust RAM via manipulated LZWDecode streams debianpython
CVE-2025-62707 unknown 7mo ago pypdf possibly loops infinitely when reading DCT inline images without EOF marker susedebianpython
CVE-2025-55197 unknown 10mo ago pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of… debianpython
CVE-2023-46250 unknown 3y ago Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF debianpython
CVE-2023-36464 unknown 3y ago pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the c… debianpython