Arbitrary Code Execution in Pdfminer.six by Malicious PDF Files
CVE-2025-64512

8.6 HIGH

Key Information:

Vendor:
PDFminer

CVE Published:
10 November 2025

What is CVE-2025-64512?

Pdfminer.six, an open-source library for extracting information from PDF documents, is vulnerable to arbitrary code execution because it mishandles malicious pickle files supplied through specially crafted PDF files. The issue is in the CMapDB._load_data() function, which deserializes data with pickle.loads() without adequate validation. An attacker who provides a PDF that points to a malicious pickle file can have arbitrary code executed when that PDF is processed. The flaw affects versions prior to 20251107, so users should upgrade to that version or later to protect their systems from exploitation.
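The example below is added here to illustrate the class of defect described; it is not code from pdfminer.six or from its fix and assumes nothing about the library's internals. It shows why pickle.loads() on data of untrusted origin is dangerous (the format can name any importable callable) and two defensive checks a practitioner can apply: a restricted Unpickler that only admits plain data and refuses every global reference, and a version gate for the installed pdfminer.six. The sample pickles are constructed inline; the suspicious one merely references the builtin `len`, which is enough to trip the restriction.

```python
import io
import pickle

# Version from which the advisory says the issue is fixed (from the page).
FIXED_VERSION = 20251107


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that admits only plain data (dict, list, tuple, str, bytes, numbers).

    Any GLOBAL / STACK_GLOBAL opcode, i.e. any attempt to import a module
    attribute or class during unpickling, is refused. That is the mechanism
    an attacker-controlled pickle needs in order to run code, so rejecting it
    turns "arbitrary code execution" into a deserialization error.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing global reference {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize `data` with the restricted unpickler; raises on globals."""
    return NoGlobalsUnpickler(io.BytesIO(data)).load()


def loads_safely(data: bytes):
    """Return (ok, value_or_reason) instead of raising, for callers that log."""
    try:
        return True, safe_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


def is_fixed(version: str, fixed: int = FIXED_VERSION) -> bool:
    """pdfminer.six uses date-style version strings such as '20251107'.

    Returns True when the installed version is at least the fixed one;
    non-numeric strings are treated as unknown and therefore not fixed.
    """
    digits = version.strip().split(".")[0]
    return digits.isdigit() and int(digits) >= fixed


# Constructed samples (not real CMap data):
# a plain mapping, as a CMap-like structure would be ...
BENIGN = pickle.dumps({"CODE2CID": {1: 2}})
# ... and a pickle that references an importable callable.
SUSPICIOUS = pickle.dumps(len)


if __name__ == "__main__":
    print(loads_safely(BENIGN))       # (True, {'CODE2CID': {1: 2}})
    print(loads_safely(SUSPICIOUS))   # (False, 'refusing global reference builtins.len')
    for v in ("20240706", "20251107"):
        print(v, "fixed" if is_fixed(v) else "vulnerable")
```

The restricted unpickler is a general hardening for any code path that must keep using pickle on files it does not fully control; the stronger fix remains not to deserialize untrusted input with pickle at all, and for this CVE the actionable step is the version check.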

Affected Version(s)

pdfminer.six < 20251107

References

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability reserved
