Published: April 29, 2026 | Last Modified: April 29, 2026
PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF file to the pdfunite utility.
This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.