CVE-2026-48735
ADVISORY - githubSummary
Impact
An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP metadata, possibly with lots of unnecessary elements.
Patches
This has been fixed in pypdf==6.12.1.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3796.
EPSS Score: 0.0013 (0.030)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Allocation of Resources Without Limits or Throttling
ADVISORY - github
Allocation of Resources Without Limits or Throttling
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in