CVE-2026-48155
Analyzed Analyzed - Analysis Complete
Memory Exhaustion in PyPDF Text Extraction

Publication date: 2026-05-28

Last updated on: 2026-05-29

Assigner: GitHub, Inc.

Description
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-05-29
Generated
2026-06-17
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-48155
EUVD
EUVD-2026-32914
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
pypdf_project pypdf to 6.12.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of the CVE-2026-48155 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability can lead to large memory consumption on systems that process maliciously crafted PDFs using pypdf's text extraction in layout mode.

Excessive memory usage can degrade system performance, cause application crashes, or potentially lead to denial of service conditions.

Executive Summary

The CVE-2026-48155 vulnerability affects the pypdf library versions prior to 6.12.0. An attacker can exploit this vulnerability by crafting a specially designed PDF that causes excessive memory usage when extracting text in layout mode with large character offsets.

This issue is due to uncontrolled resource consumption, categorized under CWE-400, where improper handling of large character offsets during text extraction leads to large memory usage.

The vulnerability was fixed in pypdf version 6.12.0, which includes a patch to prevent this excessive memory usage.

Detection Guidance

This vulnerability involves excessive memory usage when extracting text in layout mode with large character offsets using the pypdf library prior to version 6.12.0.

Detection would involve identifying usage of vulnerable pypdf versions and monitoring for unusually high memory consumption during PDF text extraction in layout mode.

Since the vulnerability is specific to the pypdf library's text extraction process, there are no direct network commands to detect exploitation.

To check the installed pypdf version, you can run the following command in your Python environment:

  • python -c "import pypdf; print(pypdf.__version__)"

Monitoring system memory usage during PDF processing tasks may help detect abnormal behavior.

Mitigation Strategies

The primary mitigation is to upgrade the pypdf library to version 6.12.0 or later, where this vulnerability is fixed.

If an immediate upgrade is not possible, applying the changes from pull request #3790 can serve as a temporary workaround.

Additionally, avoid processing untrusted PDFs with text extraction in layout mode until the fix is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48155. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart