| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-41314 | pypdf: Manipulated FlateDecode image dimensions can exhaust RAM | py-pdf | pypdf | - | - | 2026-04-22 21:08:15 | Deep Dive |
| CVE-2026-41313 | pypdf: Possible long runtimes for wrong size values in incremental mode | py-pdf | pypdf | - | - | 2026-04-22 21:05:00 | Deep Dive |
| CVE-2026-41312 | pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM | py-pdf | pypdf | - | - | 2026-04-22 21:02:53 | Deep Dive |
| CVE-2026-41168 | pypdf has possible long runtimes for wrong size values in cross-reference and object streams | py-pdf | pypdf | - | - | 2026-04-22 20:49:10 | Deep Dive |
| CVE-2026-33436 | Stirling-PDF: Reflected XSS through crafted filename in file upload functionality | Stirling-Tools | Stirling-PDF | Low | 3.1 | 2026-04-17 20:29:43 | Deep Dive |
| CVE-2026-40260 | pypdf: Manipulated XMP metadata entity declarations can exhaust RAM | py-pdf | pypdf | - | - | 2026-04-16 23:18:27 | Deep Dive |
| CVE-2026-3649 | Katalogportal-pdf-sync Widget <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure via 'katalogportal_shortcodePrinter' AJAX Action | colbeinformatik | Katalogportal-pdf-sync Widget | Medium | 5.3 | 2026-04-15 08:28:16 | Deep Dive |
| CVE-2026-1314 | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery <= 1.16.17 - Missing Authorization to Unauthenticated Private/Draft Flipbook Data Exposure | iberezansky | 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery | Medium | 5.3 | 2026-04-14 23:26:08 | Deep Dive |
| CVE-2026-5936 | Server-Side Request Forgery (SSRF) via URL Parameter in Foxit PDF Services API | Foxit Software Inc. | Foxit PDF Services API | High | 8.5 | 2026-04-13 06:57:40 | Deep Dive |
| CVE-2026-39686 | WordPress BSK PDF Manager plugin <= 3.7.2 - Sensitive Data Exposure vulnerability | bannersky | BSK PDF Manager | - | - | 2026-04-08 08:30:43 | Deep Dive |
| CVE-2026-3774 | Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor | Foxit Software Inc. | Foxit PDF Editor | Medium | 4.7 | 2026-04-01 01:40:39 | Deep Dive |
| CVE-2026-3775 | Foxit PDF Editor/Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability | Foxit Software Inc. | Foxit PDF Editor | High | 7.8 | 2026-04-01 01:40:37 | Deep Dive |
| CVE-2026-3776 | Null pointer dereference in Foxit PDF Editor/Reader when accessing stamp annotation | Foxit Software Inc. | Foxit PDF Editor | Medium | 5.5 | 2026-04-01 01:40:35 | Deep Dive |
| CVE-2026-3780 | Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation | Foxit Software Inc. | Foxit PDF Reader | High | 7.3 | 2026-04-01 01:40:34 | Deep Dive |
| CVE-2026-3778 | Stack exhaustion caused by cyclic references in Foxit PDF Editor/Reader | Foxit Software Inc. | Foxit PDF Editor | Medium | 6.2 | 2026-04-01 01:40:32 | Deep Dive |
| CVE-2026-3779 | Foxit PDF Editor/Reader List Box Calculate Array Use-After-Free Vulnerability | Foxit Software Inc. | Foxit PDF Editor | High | 7.8 | 2026-04-01 01:40:30 | Deep Dive |
| CVE-2026-3777 | Use after free of view cache in Foxit PDF Editor/Reader | Foxit Software Inc. | Foxit PDF Editor | Medium | 5.5 | 2026-04-01 01:40:28 | Deep Dive |
| CVE-2026-33699 | pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream | py-pdf | pypdf | Medium | - | 2026-03-26 23:58:43 | Deep Dive |
| CVE-2026-34071 | Stirling-PDF has Stored Cross Site Scripting (XSS) via EML-to-HTML Export | Stirling-Tools | Stirling-PDF | Medium | 5.4 | 2026-03-26 17:00:09 | Deep Dive |
| CVE-2026-33438 | Stirling-PDF vulnerable to DoS via add-watermark | Stirling-Tools | Stirling-PDF | Medium | 6.5 | 2026-03-26 16:58:07 | Deep Dive |