CVE-2026-59938
pypdf: Possible large memory usage for wrong image dimensions
CVSS Score
0.0
EPSS Score
0.3%
EPSS Percentile
25th
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0.
| CWE | CWE-789 |
| Vendor | py-pdf |
| Product | pypdf |
| Published | Jul 8, 2026 |
| Last Updated | Jul 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for py-pdf pypdf
Be the first to know when new unknown vulnerabilities affecting py-pdf pypdf are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
py-pdf / pypdf
< 6.14.0