Memory Usage Issue in pypdf Library by PyPDF
CVE-2026-59938
6.9MEDIUM
What is CVE-2026-59938?
The pypdf library, a widely used open-source pure-Python PDF manipulation tool, is subject to a vulnerability where an attacker can create a malicious PDF file with image size values that far exceed the actual data size. This misrepresentation can lead to excessive memory consumption during the image parsing process. It is crucial for users to upgrade to version 6.14.0 or later to mitigate this issue and ensure optimal performance and security.
Affected Version(s)
pypdf < 6.14.0
