Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 08 Jul 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Py-pdf
Py-pdf pypdf |
|
| Vendors & Products |
Py-pdf
Py-pdf pypdf |
Wed, 08 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0. | |
| Title | pypdf: Possible long runtimes for repeated malformed cross-reference entries | |
| Weaknesses | CWE-400 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-08T17:25:34.026Z
Reserved: 2026-07-07T18:20:06.127Z
Link: CVE-2026-59937
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T20:30:04Z