CVE-2026-28804

CVSS v4.0

6.9

Medium

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.7.5

Description A crafted PDF file can cause excessive processing time when accessing a stream that utilizes the /ASCIIHexDecode filter. This issue affects the pypdf library.

Recommendations Update to version 6.7.5 or later.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-407

Related Identifiers

BDU:2026-07225

CVE-2026-28804

GHSA-9M86-7PMV-2852

OPENSUSE-SU-2026:10321-1

OPENSUSE-SU-2026:20348-1

Affected Products

Red Os

Pypdf

CVE-2026-28804

Weakness Enumeration

Related Identifiers

Affected Products

References · 25