CVE-2026-33699
ADVISORY - githubSummary
Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode.
Patches
This has been fixed in pypdf==6.9.2.
Workarounds
If users cannot upgrade yet, consider applying the changes from PR #3693.
EPSS Score: 0.00455 (0.365)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Loop with Unreachable Exit Condition ('Infinite Loop')
ADVISORY - github
Loop with Unreachable Exit Condition ('Infinite Loop')
ADVISORY - redhat
Unchecked Input for Loop Condition
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-33699
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.6mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-87mj-5ggw-8qc3
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.6mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2026-33699
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-33699
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.5mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2026-33699
EXPLOITABILITY SCORE
2.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
6.5mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-p4vc-vvcr-p8w4
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-cf8m-8mr4-c75c
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-p69r-v447-2x93
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-