CVE-2026-49460
ADVISORY - githubSummary
Impact
An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor.
Patches
This has been fixed in pypdf==6.12.2.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3806.
EPSS Score: 0.00117 (0.020)
Common Weakness Enumeration (CWE)
ADVISORY - github
Inefficient Algorithmic Complexity
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in