CVE-2026-24688
Published 2026-01-27
Priority: P4 · 21 · medium 4.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
EPSS: 0.39% (30.6th percentile)
pypdf is a free and open-source pure-python PDF library. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks. This has been fixed in pypdf 6.6.2. If projects cannot upgrade yet, consider applying the changes from PR #3610 manually.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pypdf | < pypdf 6.9.0-1 (forky) | pypdf 6.9.0-1 (forky) |
| debian | pypdf2 | < pypdf 6.9.0-1 (forky) | pypdf 6.9.0-1 (forky) |
| py-pdf | pypdf | < 6.6.2 | 6.6.2 |
| pypdf_project | pypdf | < 6.6.2 | 6.6.2 |
| pypdf_project | pypdf | >= 0 < 6.9.0-1 | 6.9.0-1 |
| pypdf_project | pypdf | >= 0 < 6.6.2 | 6.6.2 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
| nvd | 4.0 | 5.1 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| osv | | 5.1 | MEDIUM | |
| vendor_debian | | 5.1 | MEDIUM | |
| vendor_redhat | | 5.1 | MEDIUM | |
OSV
CVE-2026-24688: pypdf is a free and open-source pure-python PDF library
osv·2026-01-27·CVSS 5.1
GHSA
pypdf has possible Infinite Loop when processing outlines/bookmarks
ghsa·2026-01-26·CVE-2026-24688·MEDIUM·CWE-835
### Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks.
### Patches
This has been fixed in [pypdf 6.6.2](https://github.com/py-pdf/pypdf/releases/tag/6.6.2).
### Workarounds
If projects cannot upgrade yet, consider applying the changes from PR [#3610](https://github.com/py-pdf/pypdf/pull/3610).
OSV
pypdf has possible Infinite Loop when processing outlines/bookmarks
osv·2026-01-26·CVE-2026-24688·MEDIUM
Red Hat
pypdf: pypdf Infinite Loop when processing outlines/bookmarks
vendor_redhat·2026-01-27·CVSS 5.1·CVE-2026-24688·MEDIUM·CWE-835
A reachable infinite loop has been discovered in pypdf. An attacker who uses an infinite loop vulnerability that is present in versions prior to 6.6.2 can craft a PDF which leads to an infinite loop. This requires accessing the outlines/bookmarks.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red
Debian
CVE-2026-24688: pypdf - pypdf is a free and open-source pure-python PDF library. An attacker who uses an...
vendor_debian·2026·CVSS 5.1·CVE-2026-24688·MEDIUM
Scope: local
bookworm: open
forky: resolved (fixed in 6.9.0-1)
sid: resolved (fixed in 6.9.0-1)
trixie: open
No detection rules found.
No public exploits indexed.