NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-48735

Summary	pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements. This vulnerability is fixed in 6.12.1.
Publication Date	May 29, 2026, 1:16 a.m.
Registration Date	May 29, 2026, 4:15 a.m.
Last Update	May 29, 2026, 3:55 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/py-pdf/pypdf/pull/3796	security-advisories@github.com
2	https://github.com/py-pdf/pypdf/releases/tag/6.12.1	security-advisories@github.com
3	https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjqc-6w8f-h24c	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-770	制限またはスロットリング無しのリソースの割り当て	https://cwe.mitre.org/data/definitions/770.html