MEDIUM
Artifex Software Inc.
CVE published 2026-04-16
CVE-2026-40505
CVE-2026-40505 is a medium-severity ANSI injection vulnerability in Artifex MuPDF versions prior to 1.27. The issue exists in the `mutool` command-line utility, specifically when processing PDF metadata fields. Attackers can craft PDF documents containing malicious ANSI escape sequences in metadata fields; when a victim runs `mutool info` on such a document, these sequences are passed unsanitized to termi [truncated]