pypdf — Vulnerabilities & Security Advisories (26)

All 26 CVE vulnerabilities found in pypdf, with AI-generated Chinese analysis, references, and POCs.

Vendor: py-pdf

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-41314 | pypdf: Manipulated FlateDecode image dimensions can exhaust RAM | CWE-789 | 6.5 (AI) | Medium (AI) | 2026-04-22 |
| CVE-2026-41313 | pypdf: Possible long runtimes for wrong size values in incremental mode | CWE-834 | 6.5 (AI) | Medium (AI) | 2026-04-22 |
| CVE-2026-41312 | pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM | CWE-789 | 6.5 (AI) | Medium (AI) | 2026-04-22 |
| CVE-2026-41168 | pypdf has possible long runtimes for wrong size values in cross-reference and object streams | CWE-834 | 4.3 (AI) | Medium (AI) | 2026-04-22 |
| CVE-2026-40260 | pypdf: Manipulated XMP metadata entity declarations can exhaust RAM | CWE-776 | 6.5 (AI) | Medium (AI) | 2026-04-16 |
| CVE-2026-33699 | pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream | CWE-835 | 6.5 | - | 2026-03-26 |
| CVE-2026-33123 | pypdf has inefficient decoding of array-based streams | CWE-400 | 6.5 | - | 2026-03-20 |
| CVE-2026-31826 | pypdf: manipulated stream length values can exhaust RAM | CWE-770 | 4.3 | - | 2026-03-10 |
| CVE-2026-28804 | pypdf: Inefficient decoding of ASCIIHexDecode streams | CWE-407 | 6.5 | - | 2026-03-06 |
| CVE-2026-28351 | Manipulated RunLengthDecode streams can exhaust RAM | CWE-400 | 4.3 | - | 2026-02-27 |
| CVE-2026-27888 | pypdf: Manipulated FlateDecode XFA streams can exhaust RAM | CWE-400 | 6.5 (AI) | Medium (AI) | 2026-02-26 |
| CVE-2026-27628 | pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams | CWE-835 | 6.5 | - | 2026-02-25 |
| CVE-2026-27026 | pypdf possibly has long runtimes for malformed FlateDecode streams | CWE-770 | 6.5 (AI) | Medium (AI) | 2026-02-20 |
| CVE-2026-27025 | pypdf has possible long runtimes/large memory usage for large /ToUnicode streams | CWE-834 | 6.5 (AI) | Medium (AI) | 2026-02-20 |
| CVE-2026-27024 | pypdf has a possible infinite loop when processing TreeObject | CWE-835 | 6.5 (AI) | Medium (AI) | 2026-02-20 |
| CVE-2026-24688 | pypdf has possible Infinite Loop when processing outlines/bookmarks | CWE-835 | 7.5 (AI) | High (AI) | 2026-01-27 |
| CVE-2026-22691 | pypdf has possible long runtimes for malformed startxref | CWE-1333 | 6.5 | - | 2026-01-10 |
| CVE-2026-22690 | pypdf has possible long runtimes for missing /Root object with large /Size values | CWE-400 | - | - | 2026-01-10 |
| CVE-2025-66019 | pypdf manipulated LZWDecode streams can exhaust RAM | CWE-400 | 4.3 (AI) | Medium (AI) | 2025-11-25 |
| CVE-2025-62708 | pypdf manipulated LZWDecode streams can exhaust RAM | CWE-409 | 4.3 | - | 2025-10-22 |
| CVE-2025-62707 | pypdf affected by possible infinite loop when reading DCT inline images without EOF marker | CWE-834 | 6.5 (AI) | Medium (AI) | 2025-10-22 |
| CVE-2025-55197 | pypdf's Manipulated FlateDecode streams can exhaust RAM | CWE-400 | 6.5 (AI) | Medium (AI) | 2025-08-13 |
| CVE-2023-46250 | pypdf possible Infinite Loop when PdfWriter(clone_from) is used with a PDF | CWE-835 | 5.1 | Medium | 2023-10-31 |
| CVE-2023-36810 | Quadratic runtime with malformed PDF missing xref marker in pypdf | CWE-407 | 6.2 | Medium | 2023-06-30 |
| CVE-2023-36807 | Infinite Loop when reading malformed objects in pypdf | CWE-835 | 6.2 | Medium | 2023-06-30 |
| CVE-2023-36464 | Infinite Loop when a comment isn't followed by a character in pypdf | CWE-835 | 6.2 | Medium | 2023-06-27 |