Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from Vendor (certcc).
CVSS VectorVendor: certcc
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
4Blast Radius
ecosystem impact- 8 pypi packages depend on pymupdf (7 direct, 1 indirect)
Ecosystem-wide dependent count for version 1.26.5.
DescriptionCVE.org
A path traversal and arbitrary file write vulnerability exist in the embedded get function in '_main_.py' in PyMuPDF version, 1.26.5.
AnalysisAI
PyMuPDF versions up to 1.26.5 allow unauthenticated remote attackers to write arbitrary files to the system through path traversal in the embedded get function. This vulnerability enables denial of service attacks and potential system compromise without requiring authentication or user interaction. No patch is currently available.
Technical ContextAI
Path traversal allows an attacker to access files outside the intended directory by manipulating file paths with sequences like '../'.
RemediationAI
Validate and sanitize file path inputs. Use a whitelist of allowed files or directories. Implement chroot jails or containerization.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | vulnerable | 1.17.4+ds1-2 | - |
| bookworm | vulnerable | 1.21.1+ds1-1 | - |
| trixie | vulnerable | 1.25.4+ds1-3 | - |
| forky, sid | fixed | 1.26.7+ds1-1 | - |
| (unstable) | fixed | 1.26.7+ds1-1 | - |
SUSE
Severity: High| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13117
GHSA-cxqh-p2w9-fmr7