VulnerabilityCVE-2026-3778CVSS 6.2

The application does not detect or guard against cyclic PDF object references while handling...

GitHub Advisory Database · GitHub Security4/1/2026, 3:31:40 AM
View Original Source

Summary

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep traversal can cause uncontrolled recursion, stack exhaustion, and application crashes.

Metadata

Article ID
#480294
Source
GitHub Advisory Database
Scraped At
4/1/2026, 6:10:20 AM
URL Hash
58f7206ccbec38f3…