26 Total advisories
26 Vulnerabilities
0 Malware

Vulnerabilities

UNKNOWN
PyPI

CVE-2026-48155

pypdf: Possible large memory usage for large offsets for layout mode text

LOW 3.3
PyPI

CVE-2026-48156

pypdf: Possible long runtimes for zero-only width values in cross-reference streams

MEDIUM 6.5
PyPI

CVE-2026-41312

pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM

MEDIUM 5.3
PyPI

CVE-2026-41168

pypdf has long runtimes for wrong size values in cross-reference and object streams

MEDIUM 6.5
PyPI

CVE-2026-41314

pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

MEDIUM 6.5
PyPI

CVE-2026-41313

pypdf: Possible long runtimes for wrong size values in incremental mode

MEDIUM 5.3
PyPI

CVE-2026-40260

pypdf: Manipulated XMP metadata entity declarations can exhaust RAM

UNKNOWN
PyPI

CVE-2026-33699

pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream

UNKNOWN
PyPI

CVE-2026-33123

pypdf has inefficient decoding of array-based streams

UNKNOWN
PyPI

CVE-2026-31826

pypdf: manipulated stream length values can exhaust RAM

UNKNOWN
PyPI

CVE-2026-28804

pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams

UNKNOWN
PyPI

CVE-2026-28351

pypdf: Manipulated RunLengthDecode streams can exhaust RAM

UNKNOWN
PyPI

CVE-2026-27888

pypdf: Manipulated FlateDecode XFA streams can exhaust RAM

UNKNOWN
PyPI

CVE-2026-27628

pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams

UNKNOWN
PyPI

CVE-2026-27026

pypdf possibly has long runtimes for malformed FlateDecode streams

UNKNOWN
PyPI

CVE-2026-27025

pypdf has possible long runtimes/large memory usage for large /ToUnicode streams

UNKNOWN
PyPI

CVE-2026-27024

pypdf has a possible infinite loop when processing TreeObject

UNKNOWN
PyPI

CVE-2026-24688

pypdf has possible Infinite Loop when processing outlines/bookmarks

UNKNOWN
PyPI

CVE-2025-62708

pypdf can exhaust RAM via manipulated LZWDecode streams

UNKNOWN
PyPI

CVE-2025-55197

PyPDF's Manipulated FlateDecode streams can exhaust RAM

UNKNOWN
PyPI

CVE-2025-62707

pypdf possibly loops infinitely when reading DCT inline images without EOF marker

UNKNOWN
PyPI

CVE-2025-66019

pypdf's LZWDecode streams can be manipulated to exhaust RAM

UNKNOWN
PyPI

CVE-2026-22691

pypdf has possible long runtimes for malformed startxref

UNKNOWN
PyPI

CVE-2026-22690

pypdf has possible long runtimes for missing /Root object with large /Size values

MEDIUM 5.1
PyPI

CVE-2023-46250

Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF

MEDIUM 6.2
PyPI

CVE-2023-36464

pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character
