CVE-2026-34376
Unauthorized Access in PdfDing via Inadequate Access Control
Publication date: 2026-04-01
Last updated on: 2026-04-07
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pdfding | pdfding | < 1.7.0 (1.7.0 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-34376 is a high-severity access control vulnerability in the PdfDing package (versions prior to 1.7.0) that allows unauthorized users to bypass password protection on shared PDFs.
The vulnerability exists because the direct file-serving endpoint does not enforce password verification, unlike the normal public share flow which requires password validation before granting access.
Technically, the flaw lies in the code path that returns the shared PDF object without checking whether the requester has passed the password validation form. This allows an attacker who knows a valid shared identifier and revision to retrieve confidential documents without authentication.
The issue was patched in version 1.7.0 by introducing session-based authorization checks that ensure only authorized sessions can access shared PDFs.
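To make the CWE-863 pattern concrete, the following is an added example, not PdfDing's code. It models the two code paths the answer describes with plain Python stand-ins for a Django-style request, server-side session and SharedPdf model: `serve_vulnerable` returns the file as soon as the object lookup succeeds, while `serve_fixed` first requires that the same session has passed `password_form_view` for that exact identifier and revision. The session key name `shared_pdf_unlocked`, the in-memory `SHARES` store, the PBKDF2 hashing and the 302/403 status choices are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Constructed stand-ins for the request/session objects and the SharedPdf
# model; they are not PdfDing's real classes.


@dataclass
class SharedPdf:
    identifier: str
    revision: int
    file_bytes: bytes
    salt: bytes
    password_hash: Optional[bytes]  # None means the share is not password protected


@dataclass
class Request:
    session: Dict[str, list] = field(default_factory=dict)  # server-side session
    post: Dict[str, str] = field(default_factory=dict)      # submitted form fields


@dataclass
class Response:
    status: int
    body: bytes = b""


SHARES: Dict[Tuple[str, int], SharedPdf] = {}   # constructed in-memory "database"
SESSION_KEY = "shared_pdf_unlocked"            # assumed session key name


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def create_share(identifier: str, revision: int, file_bytes: bytes,
                 password: Optional[str] = None) -> SharedPdf:
    salt = secrets.token_bytes(16)
    digest = hash_password(password, salt) if password is not None else None
    share = SharedPdf(identifier, revision, file_bytes, salt, digest)
    SHARES[(identifier, revision)] = share
    return share


def _unlock_token(identifier: str, revision: int) -> str:
    # The unlock is tied to one (identifier, revision) pair, so a new revision
    # with a new password does not inherit an earlier unlock.
    return f"{identifier}:{revision}"


def serve_vulnerable(request: Request, identifier: str, revision: int) -> Response:
    """The CWE-863 pattern: the object is looked up and returned, and the
    password validation enforced by the share view is never consulted."""
    share = SHARES.get((identifier, revision))
    if share is None:
        return Response(404)
    return Response(200, share.file_bytes)


def password_form_view(request: Request, identifier: str, revision: int) -> Response:
    """Handles the password form; on success the unlock is recorded in the session."""
    share = SHARES.get((identifier, revision))
    if share is None:
        return Response(404)
    if share.password_hash is not None:
        submitted = hash_password(request.post.get("password", ""), share.salt)
        if not hmac.compare_digest(submitted, share.password_hash):
            return Response(403)
    request.session.setdefault(SESSION_KEY, []).append(_unlock_token(identifier, revision))
    return Response(302)  # redirect to the viewer


def serve_fixed(request: Request, identifier: str, revision: int) -> Response:
    """Direct serve endpoint with the session check: a protected share is only
    returned to a session that has passed the form for this exact share."""
    share = SHARES.get((identifier, revision))
    if share is None:
        return Response(404)
    if share.password_hash is not None:
        unlocked = request.session.get(SESSION_KEY, [])
        if _unlock_token(identifier, revision) not in unlocked:
            return Response(403)
    return Response(200, share.file_bytes)


if __name__ == "__main__":
    create_share("abc123", 3, b"%PDF-1.7 constructed sample", password="hunter2")
    anon = Request()
    print("vulnerable, no form:", serve_vulnerable(anon, "abc123", 3).status)  # 200
    print("fixed, no form:     ", serve_fixed(anon, "abc123", 3).status)       # 403
    ok = Request(post={"password": "hunter2"})
    password_form_view(ok, "abc123", 3)
    print("fixed, after form:  ", serve_fixed(ok, "abc123", 3).status)         # 200
```

The point of the fix is that every endpoint that can hand out the file bytes consults the same authorization state; the existence of a second code path (the direct serve endpoint) that skips it is exactly what CWE-863 describes. Keying the unlock on identifier plus revision means re-sharing a document under a new revision and password does not carry an old unlock forward.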
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in PdfDing allows unauthorized users to bypass password protection and access confidential shared PDFs without authentication. This results in unauthorized disclosure of sensitive information that users expected to be protected.
Such unauthorized access to confidential documents can lead to violations of data protection and privacy regulations like GDPR and HIPAA, which require strict controls to protect personal and sensitive data from unauthorized disclosure.
Therefore, this vulnerability compromises confidentiality controls mandated by these standards, potentially causing non-compliance due to failure to adequately protect sensitive information.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized access to confidential documents that were expected to be protected by a shared-link password.
Attackers with knowledge of a valid shared PDF identifier and revision can retrieve password-protected PDFs without any authentication or user interaction.
The impact is a high confidentiality breach, as sensitive information contained in the PDFs can be exposed to unauthorized parties.
There is no impact on integrity or availability, but the confidentiality compromise can have serious consequences depending on the nature of the documents.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the direct file-serving endpoint for shared PDFs without completing the password verification flow. Specifically, an unauthorized request to the endpoint `GET /pdf/shared/get/{identifier}/{revision}` that returns the PDF content without requiring a password indicates the presence of the vulnerability.
To detect this on your system or network, you can try sending HTTP GET requests to the direct serve endpoint with known or guessed shared identifiers and revisions, and observe if the PDF content is returned without authentication.
Example command using curl to test for the access bypass:

```shell
curl -i -X GET "http://your-pdfding-instance/pdf/shared/get/{identifier}/{revision}"
```
If the response includes the PDF content without requiring a password, the system is vulnerable.
Additionally, monitoring logs for unauthorized access attempts to this endpoint, or for successful responses that were not preceded by password validation, can help detect exploitation.
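The log check mentioned above, as an added example that is not part of the advisory: it scans access-log lines and reports every successful `GET /pdf/shared/get/{identifier}/{revision}` that the same client did not precede with a successful password-form POST. The log lines are constructed for the example, the form path `/pdf/shared/{identifier}/{revision}` and the 302-on-success behaviour are assumptions, and the optional `protected` set lets you restrict the check to shares you know carry a password.

```python
import re
from typing import Iterable, List, Optional, Set, Tuple

# Constructed access-log lines in combined log format; client addresses,
# identifiers and times are made up for this example.
SAMPLE_LOG = """\
10.0.0.5 - - [02/Apr/2026:10:01:02 +0000] "GET /pdf/shared/abc123/3 HTTP/1.1" 200 2311 "-" "Mozilla/5.0"
10.0.0.5 - - [02/Apr/2026:10:01:10 +0000] "POST /pdf/shared/abc123/3 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.5 - - [02/Apr/2026:10:01:11 +0000] "GET /pdf/shared/get/abc123/3 HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.7 - - [02/Apr/2026:10:05:00 +0000] "GET /pdf/shared/get/abc123/3 HTTP/1.1" 200 48213 "-" "curl/8.5.0"
198.51.100.7 - - [02/Apr/2026:10:05:01 +0000] "GET /pdf/shared/get/zzz999/1 HTTP/1.1" 404 153 "-" "curl/8.5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
# Direct serve endpoint named in the advisory.
DIRECT_RE = re.compile(r'^/pdf/shared/get/(?P<id>[^/]+)/(?P<rev>\d+)/?$')
# Assumed path of the public share view whose POST carries the password form.
FORM_RE = re.compile(r'^/pdf/shared/(?P<id>[^/]+)/(?P<rev>\d+)/?$')


def find_unverified_downloads(lines: Iterable[str],
                              protected: Optional[Set[str]] = None
                              ) -> List[Tuple[str, str, str]]:
    """Return (client_ip, identifier, revision) for each successful direct
    download that the same client did not precede with a successful POST of
    the password form for that share.  ``protected`` limits the check to
    identifiers known to carry a password, so shares without one (which are
    legitimately fetched without a form POST) are not reported."""
    unlocked: Set[Tuple[str, str, str]] = set()
    findings: List[Tuple[str, str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        ip, method, path, status = m["ip"], m["method"], m["path"], m["status"]
        form = FORM_RE.match(path)
        if form and method == "POST" and status == "302":
            # Assumed: a correct password redirects (302) to the viewer.
            unlocked.add((ip, form["id"], form["rev"]))
            continue
        direct = DIRECT_RE.match(path)
        if direct and method == "GET" and status == "200":
            key = (ip, direct["id"], direct["rev"])
            if protected is not None and direct["id"] not in protected:
                continue
            if key not in unlocked:
                findings.append(key)
    return findings


if __name__ == "__main__":
    for ip, ident, rev in find_unverified_downloads(SAMPLE_LOG.splitlines()):
        print(f"direct download without password form: client={ip} share={ident} revision={rev}")
```

Correlating on client address is a heuristic: a client behind a changing NAT address, or one that validated the password days earlier in a log file you are not scanning, will show up as a finding, so treat the output as a triage list rather than proof of exploitation. Once the instance runs 1.7.0 or later, any such request should appear in the log with a 403 rather than a 200.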
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the PdfDing installation to version 1.7.0 or later, where the vulnerability has been patched.
Version 1.7.0 introduces a session-based authorization mechanism that enforces password verification before granting access to shared PDFs, preventing unauthorized access through the direct serve endpoint.
If upgrading immediately is not possible, consider restricting network access to the vulnerable endpoints or implementing additional access controls (e.g., firewall rules) to limit exposure.
Review and monitor access logs for suspicious activity related to shared PDF access.