Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionGitHub Advisory
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0.
AnalysisAI
Denial-of-service via algorithmic complexity in pypdf before 6.12.0 allows an attacker who can supply a crafted PDF file to cause excessive processing time during cross-reference stream parsing. The vulnerability is triggered by crafting a PDF with /W [0 0 0] field values in a cross-reference stream combined with a large /Size value, which causes the library to perform unbounded iteration over zero-byte entries. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; however, any application that processes untrusted PDF input using pypdf is exposed.
Technical ContextAI
pypdf is a pure-Python PDF library (CPE: cpe:2.3:a:py-pdf:pypdf:*:*:*:*:*:*:*:*) that implements PDF 1.5+ cross-reference streams. Cross-reference streams use a /W array to specify the byte widths of the three fields per entry (type, offset, generation). When all three width values are zero (/W [0 0 0]), each entry consumes zero bytes; a parser that attempts to iterate over all entries declared by /Size will loop effectively indefinitely. This maps directly to CWE-834 (Excessive Iteration). The vulnerable logic was in _sanitize_pdf15_xref_stream_index_pairs inside _reader.py, where the previous guard used max(sum(W), 1) to prevent a ZeroDivisionError but did not short-circuit before attempting the full iteration. The fix in PR #3791 adds an early-exit when min_entry_bytes == 0, returning an empty list (non-strict mode) or raising PdfStreamError (strict mode).
RemediationAI
Vendor-released patch: pypdf 6.12.0. Upgrade immediately by running 'pip install --upgrade pypdf>=6.12.0'. The fix is confirmed in the GitHub release at https://github.com/py-pdf/pypdf/releases/tag/6.12.0 and the underlying code change is visible in PR #3791 at https://github.com/py-pdf/pypdf/pull/3791. For deployments that cannot upgrade immediately, a compensating control is to wrap PDF parsing calls in a timeout using Python's signal.alarm or a subprocess with a hard wall-clock limit, and reject any PDF that exceeds it; this trades off latency predictability for protection. Alternatively, pre-screening PDFs with a separate validator before passing them to pypdf reduces exposure. Both workarounds introduce operational complexity and should be treated as temporary.
Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t
BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser
pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph
pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne
Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301
Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing
Same weakness CWE-834 – Excessive Iteration
View allSame technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: LowShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32913
GHSA-248m-82v9-q6g6