CVE-2026-8318

MEDIUM 5.3

VectifyAI PageIndex PDF Table of Contents page_index.py toc_transformer infinite loop

CVSS Score

5.3

EPSS Score

0.0%

EPSS Percentile

0th

A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file pageindex/page_index.py of the component PDF Table of Contents Handler. The manipulation results in infinite loop. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

CWE	CWE-835 CWE-404
Vendor	vectifyai
Product	pageindex
Published	May 11, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for vectifyai pageindex

Be the first to know when new medium vulnerabilities affecting vectifyai pageindex are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

VectifyAI / PageIndex

f50e52975313c6716c02b20a119577a1929decba

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/362605 vuldb.com: https://vuldb.com/vuln/362605/cti vuldb.com: https://vuldb.com/submit/811273 github.com: https://github.com/VectifyAI/PageIndex/issues/174 github.com: https://github.com/VectifyAI/PageIndex/

Credits

🔍 Eric-b (VulDB User)