{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41314", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-20T14:01:46.671Z", "datePublished": "2026-04-22T21:08:14.700Z", "dateUpdated": "2026-04-23T14:21:47.589Z"}, "containers": {"cna": {"title": "pypdf: Manipulated FlateDecode image dimensions can exhaust RAM", "problemTypes": [{"descriptions": [{"cweId": "CWE-789", "lang": "en", "description": "CWE-789: Memory Allocation with Excessive Size Value", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"}, {"name": "https://github.com/py-pdf/pypdf/pull/3734", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/pull/3734"}, {"name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"}, {"name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"}], "affected": [{"vendor": "py-pdf", "product": "pypdf", "versions": [{"version": "< 6.10.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-22T21:08:14.700Z"}, "descriptions": [{"lang": "en", "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."}], "source": {"advisory": "GHSA-x284-j5p8-9c5p", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-23T14:21:23.056055Z", "id": "CVE-2026-41314", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-23T14:21:47.589Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41314", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-20T14:01:46.671Z", "datePublished": "2026-04-22T21:08:14.700Z", "dateUpdated": "2026-04-23T14:21:47.589Z"}, "containers": {"cna": {"title": "pypdf: Manipulated FlateDecode image dimensions can exhaust RAM", "problemTypes": [{"descriptions": [{"cweId": "CWE-789", "lang": "en", "description": "CWE-789: Memory Allocation with Excessive Size Value", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"}, {"name": "https://github.com/py-pdf/pypdf/pull/3734", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/pull/3734"}, {"name": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"}, {"name": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"}], "affected": [{"vendor": "py-pdf", "product": "pypdf", "versions": [{"version": "< 6.10.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-22T21:08:14.700Z"}, "descriptions": [{"lang": "en", "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."}], "source": {"advisory": "GHSA-x284-j5p8-9c5p", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-41314", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-23T14:21:23.056055Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-23T14:21:36.340Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "337052B5-CF2A-4226-8757-E09AB8B66A82", "versionEndExcluding": "6.10.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually."}], "id": "CVE-2026-41314", "lastModified": "2026-04-27T19:29:40.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-22T22:16:32.367", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/py-pdf/pypdf/pull/3734"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/py-pdf/pypdf/releases/tag/6.10.2"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-789"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "pypdf: python: pypdf: Denial of Service via crafted PDF with large image sizes", "id": "2460920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460920"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["A flaw was found in pypdf, a pure-Python PDF library. An attacker can exploit this vulnerability by crafting a malicious PDF file that accesses an image using `/FlateDecode` with large size values. This can lead to memory exhaustion, resulting in a Denial of Service (DoS) for the system processing the PDF."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, avoid processing untrusted PDF files with applications utilizing the pypdf library. Restricting the sources of PDF files to trusted origins can reduce the risk of exploitation."}, "name": "CVE-2026-41314", "package_state": [{"cpe": "cpe:/a:redhat:lightspeed_core", "fix_state": "Fix deferred", "package_name": "lightspeed-core/rag-tool-rhel9", "product_name": "Lightspeed Core"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed/lightspeed-ocp-rag-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed-tech-preview/lightspeed-rag-tool-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/lightspeed-chatbot-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/disk-image-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-llama-stack-core-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel9", "product_name": "Red Hat Quay 3"}], "public_date": "2026-04-22T21:08:14Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-41314\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-41314\nhttps://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11\nhttps://github.com/py-pdf/pypdf/pull/3734\nhttps://github.com/py-pdf/pypdf/releases/tag/6.10.2\nhttps://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,6.10.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "pypdf", "source": "cna", "vendor": "py-pdf"}, "product": "pypdf", "vendor": "py-pdf"}], "analysis": {"en": {"generated_at": "2026-04-28T15:15:29.873439+00:00", "value": {"mitigation_remediation": ["Upgrade the pypdf library to version 6.10.2 or newer.", "If upgrading is not immediately feasible, apply the patch changes from commit ac734dab4eef92bcce50d503949b4d9887d89f11 manually to the affected code.", "Add process\u2011level resource limits for any application that parses PDFs, such as setting a maximum memory cap or deploying the process in a container with constrained RAM."], "summary": {"action": "Apply Patch", "impact": "Memory Exhaustion (Denial of Service)"}, "threat_synthesis": {"affected_systems": "All installations of the pypdf library before version 6.10.2 are vulnerable. The fix was introduced in release 6.10.2; therefore, any application that uses an older pypdf version and parses PDFs from untrusted sources is at risk.", "description_and_impact": "pypdf, a pure\u2011python PDF library, contains a flaw that allows an attacker to craft a PDF with an image decoded by /FlateDecode and exaggerated dimension values. When the library processes such an image, it allocates an enormous amount of RAM to hold the decoded pixels, which can exhaust the process memory and lead to a crash or unresponsiveness. The issue maps to unchecked resource allocation weaknesses, namely CWE\u2011770.", "risk_and_exploitability": "With a CVSS score of 4.8, the vulnerability is considered moderate. The EPSS score is reported as less than 1\u202f%, implying a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. It is inferred that the most likely attack scenario involves an adversary delivering a malicious PDF to an application that uses pypdf; the attacker does not need privileged access, but can cause resource exhaustion locally, potentially impacting the availability of services that depend on the library."}}}}, "created": "2026-04-22T22:30:28.630770+00:00", "updated": "2026-04-28T15:15:34.212758+00:00", "vendors": ["py-pdf", "py-pdf$PRODUCT$pypdf"]}