MEDIUM
Setasign
CVE published 2026-06-11
CVE-2026-45802
CVE-2026-45802 is a denial of service (DoS) vulnerability in FPDI, a PHP library for reading pages from existing PDF documents. Prior to version 2.6.7, an attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out. Repeated attacks can lead to sustained service unavailability. The vulnerability has been patched in version 2.6.7.