CVE-2026-31826

Published
View on NVD ↗
CVSS v3
5.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.

py-pdf/pypdf
py-pdf/pypdf
A pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files
GitHubGitHub
10K