Excessive Iteration
CVE-2026-41168
Summary
An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This issue affects versions prior to 6.10.1.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- LOW
CWE-834 - Excessive Iteration
The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
References
Advisory Timeline
- Published
