CVE-2026-48735— pypdf: Manipulated XMP metadata streams can exhaust RAM
Possible ATT&CK Techniques 1AI
T1496 · Resource HijackingGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-48735
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
pypdf: Manipulated XMP metadata streams can exhaust RAM
Source: NVD (National Vulnerability Database)
Vulnerability Description
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-48735
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-48735
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-48735 (1)
Vendor Advisories for CVE-2026-48735 (1)
Vendor Pages for CVE-2026-48735 (1)
- 🔗 Release Version 6.12.1, 2026-05-22 · py-pdf/pypdf · GitHubx_refsource_MISC
Same Patch Batch · py-pdf · 2026-05-28 · 3 CVEs total
| CVE-2026-48156 | pypdf: Possible long runtimes for zero-only width values in cross-reference streams | |
| CVE-2026-48155 | pypdf: Possible large memory usage for large offsets for layout mode text |
IV. Related Vulnerabilities
Same product: pypdf
- CVE-2026-48155
pypdf: Possible large memory usage for large offsets for lay - CVE-2026-48156
pypdf: Possible long runtimes for zero-only width values in - CVE-2026-41314
pypdf: Manipulated FlateDecode image dimensions can exhaust - CVE-2026-41313
pypdf: Possible long runtimes for wrong size values in incre - CVE-2026-41312
pypdf: Manipulated FlateDecode predictor parameters can exha
Same vendor: py-pdf
- CVE-2026-48155
pypdf: Possible large memory usage for large offsets for lay - CVE-2026-48156
pypdf: Possible long runtimes for zero-only width values in - CVE-2026-41314
pypdf: Manipulated FlateDecode image dimensions can exhaust - CVE-2026-41313
pypdf: Possible long runtimes for wrong size values in incre - CVE-2026-41312
pypdf: Manipulated FlateDecode predictor parameters can exha
Same weakness: CWE-770
- CVE-2026-45023
AutoGP: Credit system bypassed via direct block execution in - CVE-2026-45292
opentelemetry-java: Unbounded Memory Allocation in W3C Bagga - CVE-2026-45078
Synapse CPU starvation (Denial of Service) - CVE-2026-1402
Allocation of Resources Without Limits or Throttling in GitL - CVE-2026-6053
IBM® Db2® is vulnerable to a denial of service when a specia
V. Comments for CVE-2026-48735
No comments yet