{
  "threat_severity" : "Moderate",
  "public_date" : "2026-02-26T00:42:00Z",
  "bugzilla" : {
    "description" : "pypdf: pypdf: Denial of Service via crafted PDF",
    "id" : "2442899",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2442899"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-1050",
  "details" : [ "pypdf is a free and open-source pure-Python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corresponding stream being compressed using `/FlateDecode`. This has been fixed in pypdf 6.7.3. As a workaround, apply the patch manually.", "A flaw was found in pypdf. A remote attacker can exploit this vulnerability by crafting a malicious PDF document. When a user processes this specially crafted PDF, it can lead to excessive memory consumption, resulting in a Denial of Service (DoS) for the affected system. This issue specifically arises when the `xfa` property of a PDF reader or writer is accessed and its corresponding stream is compressed using `/FlateDecode`." ],
  "affected_release" : [ {
    "product_name" : "Red Hat OpenShift AI 2.25",
    "release_date" : "2026-04-23T00:00:00Z",
    "advisory" : "RHSA-2026:10184",
    "cpe" : "cpe:/a:redhat:openshift_ai:2.25::el9",
    "package" : "rhoai/odh-llama-stack-core-rhel9:sha256:50b543073492a4ffa9b71b8466e4b53cb6baec8d8d1bf72eed5a63bf82ca73bf"
  } ],
  "package_state" : [ {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Not affected",
    "package_name" : "openshift-lightspeed/lightspeed-ocp-rag-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Will not fix",
    "package_name" : "openshift-lightspeed/lightspeed-service-api-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Affected",
    "package_name" : "openshift-lightspeed-tech-preview/lightspeed-rag-tool-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Not affected",
    "package_name" : "rhelai3/bootc-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Not affected",
    "package_name" : "rhelai3/disk-image-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-27888\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27888\nhttps://github.com/py-pdf/pypdf/commit/7a4c8246ed48d9d328fb596942271da47b6d109c\nhttps://github.com/py-pdf/pypdf/pull/3658\nhttps://github.com/py-pdf/pypdf/releases/tag/6.7.3\nhttps://github.com/py-pdf/pypdf/security/advisories/GHSA-x7hp-r3qg-r3cj" ],
  "name" : "CVE-2026-27888",
  "csaw" : false
}