CVE-2026-41312
Published 2026-04-22
Priority: P4 (33) · Severity: medium · CVSS 3.1 base score: 6.5
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 0.23% (13.3th percentile)
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` value other than 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually.
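As an added illustration of the bound the advisory implies (example code, not pypdf's own implementation or its patch), a pre-decode check on a stream's `/DecodeParms`: it computes the row size that the declared `/Columns`, `/Colors` and `/BitsPerComponent` imply and refuses to set up a predictor buffer when that size exceeds a policy cap or the amount of data actually decompressed. The dictionary key spelling, the 1 MiB cap and the sample inputs are assumptions.

```python
# Defaults the PDF specification assigns to missing /DecodeParms keys.
_DEFAULTS = {"/Predictor": 1, "/Colors": 1, "/BitsPerComponent": 8, "/Columns": 1}


def predictor_row_bytes(parms: dict) -> tuple[int, int]:
    """Return (bytes_per_row, predictor) implied by a /DecodeParms dictionary.

    Keys are spelled as PDF names ("/Columns"); that spelling is an assumption
    of this example, not the interface of any particular library.
    """
    p = {**_DEFAULTS, **parms}
    predictor = int(p["/Predictor"])
    colors, bpc, columns = (int(p[k]) for k in ("/Colors", "/BitsPerComponent", "/Columns"))
    if min(colors, bpc, columns) < 1:
        raise ValueError("/Colors, /BitsPerComponent and /Columns must be >= 1")
    row = (colors * bpc * columns + 7) // 8   # sample bytes per row, rounded up
    if predictor >= 10:
        row += 1                               # PNG predictors: one filter-type byte per row
    return row, predictor


def check_predictor_parms(parms: dict, decoded_len: int, max_row_bytes: int = 1 << 20) -> int:
    """Bound the row buffer a predictor decoder would allocate.

    Returns the row size to use (0 when no predictor applies) or raises
    ValueError when the declared geometry cannot be honoured without an
    oversized allocation. max_row_bytes (1 MiB) is a constructed policy cap.
    """
    row, predictor = predictor_row_bytes(parms)
    if predictor == 1:
        return 0
    if row > max_row_bytes:
        raise ValueError(f"declared row of {row} bytes exceeds cap of {max_row_bytes}")
    if row > decoded_len:
        raise ValueError(f"declared row of {row} bytes exceeds {decoded_len} bytes of data")
    return row


def predictor_parms_ok(parms: dict, decoded_len: int, max_row_bytes: int = 1 << 20) -> bool:
    """Boolean convenience wrapper around check_predictor_parms."""
    try:
        check_predictor_parms(parms, decoded_len, max_row_bytes)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed inputs: a plausible 4-column PNG-predicted stream, and one whose
    # declared /Columns is far larger than the data that was actually decompressed.
    print(check_predictor_parms({"/Predictor": 12, "/Columns": 4}, decoded_len=10))   # 5
    print(predictor_parms_ok({"/Predictor": 12, "/Columns": 10**9}, decoded_len=64))  # False
```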
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform-25 | lightspeed-chatbot-rhel8 | — | — |
| lightspeed-core | rag-tool-rhel9 | — | — |
| openshift-lightspeed-tech-preview | lightspeed-rag-tool-rhel9 | — | — |
| openshift-lightspeed | lightspeed-ocp-rag-rhel9 | — | — |
| py-pdf | pypdf | < 6.10.2 | 6.10.2 |
| pypdf_project | pypdf | < 6.10.2 | 6.10.2 |
| quay | quay-rhel8 | — | — |
| quay | quay-rhel9 | — | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhelai3 | disk-image-cuda-rhel9 | — | — |
| rhoai | odh-llama-stack-core-rhel9 | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| nvd | 4.0 | 4.8 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_redhat | — | 4.8 | MEDIUM | — |
Red Hat
pypdf: pypdf: Denial of Service due to excessive memory consumption via specially crafted PDF
vendor_redhat · 2026-04-22 · CVSS 4.8 · MEDIUM · CWE-770
A flaw was found in pypdf. An attacker can craft a malicious PDF file containing a specially compressed stream. When this file is processed, it can lead to excessive memory consumption (RAM exhaustion), resulting in a Denial of Service (DoS) for the affected system.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Package: lightspeed-core/rag-tool-rhel9 (Lightspeed Core) - Fix deferred
Package: openshift-lightspeed/lightspeed-ocp-rag-rhel9 (OpenShift Lightspeed) - Fix deferred
Package: openshift-li
VulDB
py-pdf pypdf up to 6.10.1 predictor memory allocation (GHSA-7gw9-cf7v-778f / Nessus ID 316727)
vuldb · 2026-05-26 · CVSS 4.8 · MEDIUM
A vulnerability categorized as problematic has been discovered in py-pdf pypdf up to 6.10.1. This issue affects some unknown processing. Such manipulation of the argument predictor leads to uncontrolled memory allocation.
This vulnerability is documented as CVE-2026-41312. The attack can be executed remotely. No exploit is available.
It is advisable to upgrade the affected component.
No detection rules found.
No public exploits indexed.