CVE-2026-27628

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.7.2

Description A crafted PDF file can cause an infinite loop when read, potentially impacting systems processing these files. The issue requires file reading to be triggered.

Recommendations Update to version 6.7.2 or later. As a workaround, apply the changes from PR #3655.

Exploit

Fix

DoS

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

BDU:2026-07221

CVE-2026-27628

GHSA-2RW7-X74F-JG35

OPENSUSE-SU-2026:10284-1

OPENSUSE-SU-2026:20333-1

Affected Products

Red Os

Pypdf

CVE-2026-27628

Weakness Enumeration

Related Identifiers

Affected Products

References · 39