CVE-2026-48155
ADVISORY - githubSummary
Impact
An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets.
Patches
This has been fixed in pypdf==6.12.0.
Workarounds
If developers are unable to immediately upgrade, they should consider applying the changes from PR #3790.
EPSS Score: 0.00127 (0.028)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Uncontrolled Resource Consumption
ADVISORY - github
Uncontrolled Resource Consumption
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-48155
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.8mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-cj93-chg6-vgv8
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
4.8mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2026-48155
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-48155
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5.5mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-fqfm-9h3p-5mmm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-5g2h-p35x-m83c
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-984j-vcph-7446
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-g8j7-mpvj-ggr5
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-phjh-vfq3-mw95
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-v86c-f888-cc2p
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-