| CVE-2026-41314 |
medium |
6.5 |
6.5 |
|
|
|
1mo ago |
pypdf: Manipulated FlateDecode image dimensions can exhaust RAM |
| CVE-2026-41313 |
medium |
6.5 |
6.5 |
|
|
|
2mo ago |
pypdf: Possible long runtimes for wrong size values in incremental mode |
| CVE-2026-41312 |
medium |
6.5 |
6.5 |
|
|
|
2mo ago |
pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM |
| CVE-2026-41168 |
unknown |
— |
— |
|
|
|
2mo ago |
pypdf has long runtimes for wrong size values in cross-reference and object streams |
| CVE-2026-40260 |
unknown |
— |
— |
|
|
|
2mo ago |
pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can cra… |
| CVE-2026-33699 |
unknown |
— |
— |
|
|
|
2mo ago |
pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream |
| CVE-2026-33123 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf has inefficient decoding of array-based streams |
| CVE-2026-31826 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf: manipulated stream length values can exhaust RAM |
| CVE-2026-28804 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams |
| CVE-2026-28351 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf: Manipulated RunLengthDecode streams can exhaust RAM |
| CVE-2026-27888 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf: Manipulated FlateDecode XFA streams can exhaust RAM |
| CVE-2026-27628 |
unknown |
— |
— |
|
|
|
3mo ago |
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This … |
| CVE-2026-27026 |
unknown |
— |
— |
|
|
|
4mo ago |
pypdf possibly has long runtimes for malformed FlateDecode streams |
| CVE-2026-27025 |
unknown |
— |
— |
|
|
|
4mo ago |
pypdf has possible long runtimes/large memory usage for large /ToUnicode streams |
| CVE-2026-27024 |
unknown |
— |
— |
|
|
|
4mo ago |
pypdf has a possible infinite loop when processing TreeObject |
| CVE-2026-24688 |
unknown |
— |
— |
|
|
|
4mo ago |
pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop… |
| CVE-2026-22691 |
unknown |
— |
— |
|
|
|
5mo ago |
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF whic… |
| CVE-2026-22690 |
unknown |
— |
— |
|
|
|
5mo ago |
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerabi… |
| CVE-2025-66019 |
unknown |
— |
— |
|
|
|
6mo ago |
pypdf's LZWDecode streams be manipulated to exhaust RAM |
| CVE-2025-62708 |
unknown |
— |
— |
|
|
|
7mo ago |
pypdf can exhaust RAM via manipulated LZWDecode streams |
| CVE-2025-62707 |
unknown |
— |
— |
|
|
|
7mo ago |
pypdf possibly loops infinitely when reading DCT inline images without EOF marker |
| CVE-2025-55197 |
unknown |
— |
— |
|
|
|
10mo ago |
pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of… |
| CVE-2023-46250 |
unknown |
— |
— |
|
|
|
3y ago |
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF |
| CVE-2023-36464 |
unknown |
— |
— |
|
|
|
3y ago |
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the c… |
