QSearchQSearch

CVE-2026-45802

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF

Published: 2026-06-11 · Last updated: 2026-06-11

Severity and scoring

CWE
CWE-400, CWE-770

Description

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version 2.6.7, an attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out. Repeated attacks can lead to sustained service unavailability. This issue has been patched in version 2.6.7.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-45169 Idira Privileged Access Manager (PAM) Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnera...
  • CVE-2026-44892 Netty is a network application framework for development of protocol servers and clients (7.5 HIGH)
  • CVE-2026-44890 Netty is a network application framework for development of protocol servers and clients (7.5 HIGH)
  • CVE-2026-44250 Netty is a network application framework for development of protocol servers and clients (7.5 HIGH)
  • CVE-2026-53781 Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving med... (4.3 MEDIUM)