Integer Overflow Vulnerability in Poppler's Splash Backend Affects PDF Applications
CVE-2026-10118

7.8 HIGH

What is CVE-2026-10118?

A critical flaw in Poppler's Splash backend can be exploited with a crafted malicious PDF file. Processing the file triggers an integer overflow in the 'tilingPatternFill' function, which results in an insufficient heap memory allocation. The subsequent out-of-bounds write can lead to arbitrary code execution, data leakage, or denial of service. Users of affected versions should apply the necessary updates to mitigate the risks associated with this vulnerability.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

This issue was discovered by AISLE in partnership with Red Hat.