Pypdf Project: >> Pypdf >> 6.7.2 Security Vulnerabilities
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corresponding stream being compressed using `/FlateDecode`. This has been fixed in pypdf 6.7.3. As a workaround, apply the patch manually.
CVSS Score
6.6
EPSS Score
0.001
Published
2026-02-26
Page 2