Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,227
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,502
Pub
12
RubyGems
995
Rust
1,187
Swift
51
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
pypdf has inefficient decoding of array-based streams Moderate
CVE-2026-33123 was published for pypdf (pip) Mar 18, 2026
kule500 Credited to kule500 and stefan6419846 stefan6419846 stefan6419846
pypdf: manipulated stream length values can exhaust RAM Moderate
CVE-2026-31826 was published for pypdf (pip) Mar 11, 2026
iconnnjka Credited to iconnnjka and stefan6419846 stefan6419846 stefan6419846
pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams Moderate
CVE-2026-28804 was published for pypdf (pip) Mar 2, 2026
kule500 Credited to kule500 and stefan6419846 stefan6419846 stefan6419846
pypdf: Manipulated RunLengthDecode streams can exhaust RAM Moderate
CVE-2026-28351 was published for pypdf (pip) Feb 28, 2026
bugbunny-research Credited to bugbunny-research and stefan6419846 stefan6419846 stefan6419846
pypdf: Manipulated FlateDecode XFA streams can exhaust RAM Moderate
CVE-2026-27888 was published for pypdf (pip) Feb 26, 2026
bekkaze Credited to bekkaze and stefan6419846 stefan6419846 stefan6419846
pypdf possibly has long runtimes for malformed FlateDecode streams Moderate
CVE-2026-27026 was published for pypdf (pip) Feb 18, 2026
CheonWoong-Park Credited to CheonWoong-Park and stefan6419846 stefan6419846 stefan6419846
pypdf has possible long runtimes/large memory usage for large /ToUnicode streams Moderate
CVE-2026-27025 was published for pypdf (pip) Feb 18, 2026
CheonWoong-Park Credited to CheonWoong-Park and stefan6419846 stefan6419846 stefan6419846
pypdf has a possible infinite loop when processing TreeObject Moderate
CVE-2026-27024 was published for pypdf (pip) Feb 18, 2026
CheonWoong-Park Credited to CheonWoong-Park and stefan6419846 stefan6419846 stefan6419846
pypdf has possible Infinite Loop when processing outlines/bookmarks Moderate
CVE-2026-24688 was published for pypdf (pip) Jan 26, 2026
JoakimBulow Credited to JoakimBulow and stefan6419846 stefan6419846 stefan6419846
pypdf has possible long runtimes for malformed startxref Low
CVE-2026-22691 was published for pypdf (pip) Jan 9, 2026
mkaalto Credited to mkaalto and stefan6419846 stefan6419846 stefan6419846
pypdf has possible long runtimes for missing /Root object with large /Size values Low
CVE-2026-22690 was published for pypdf (pip) Jan 9, 2026
N0zoM1z0 Credited to N0zoM1z0 and stefan6419846 stefan6419846 stefan6419846
pypdf's LZWDecode streams be manipulated to exhaust RAM Moderate
CVE-2025-66019 was published for pypdf (pip) Nov 24, 2025
aydinnyunus Credited to aydinnyunus and stefan6419846 stefan6419846 stefan6419846
pypdf can exhaust RAM via manipulated LZWDecode streams Moderate
CVE-2025-62708 was published for pypdf (pip) Oct 22, 2025
tylzh97 Credited to tylzh97 and stefan6419846 stefan6419846 stefan6419846
pypdf possibly loops infinitely when reading DCT inline images without EOF marker Moderate
CVE-2025-62707 was published for pypdf (pip) Oct 22, 2025
tylzh97 Credited to tylzh97 and stefan6419846 stefan6419846 stefan6419846
PyPDF's Manipulated FlateDecode streams can exhaust RAM Moderate
CVE-2025-55197 was published for pypdf (pip) Aug 13, 2025
laura240406 Credited to laura240406 and stefan6419846 stefan6419846 stefan6419846
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database