Security Advisory

CVE-2026-24688

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-27 19:44:06

Last updated 2026-01-27 20:51:48

Assigner GitHub_M

State PUBLISHED

Description

pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. This has been fixed in pypdf 6.6.2. If projects cannot upgrade yet, consider applying the changes from PR #3610 manually.

← Browse all CVEs View on cve.org ↗