Description
Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces.
Published: 2026-03-18
Score: 2.1 Low
EPSS: < 1% Very Low
KEV: No
Impact: Memory Corruption
Action: Assess Impact
AI Analysis

Impact

An out-of-bounds array write exists in Xpdf 4.06 and earlier caused by incorrect validation of the "N" field in ICCBased color spaces. The vulnerability can corrupt memory, leading to crashes or potentially exploitable conditions. It is categorized as CWE-20 (Improper Input Validation) and CWE-787 (Out-of-Bounds Write). The CVSS score of 2.1 reflects a low overall risk and no known exploitation impact beyond application instability.

Affected Systems

The affected vendor is Xpdf and the product is Xpdf Reader. All versions 4.06 and earlier are vulnerable.

Risk and Exploitability

The CVSS score is 2.1, indicating low severity, and the EPSS score is not available. The vulnerability is not listed in CISA's KEV catalog. No exploit has been documented, and the attack vector is not explicitly stated; it is likely restricted to local use of the vulnerable Xpdf binary with a malicious PDF file. The risk is limited to potential denial of service and, at most, local (non-remote) code execution in the affected application.

Generated by OpenCVE AI on March 18, 2026 at 23:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify your Xpdf installation version.
  • Upgrade Xpdf to a version newer than 4.06 as recommended by the vendor.
  • If an upgrade is not immediately feasible, restrict the processing of PDFs that use ICCBased color spaces or otherwise avoid handling potentially malicious PDFs.
  • Monitor the Xpdf security advisory page for patches and apply any available updates as soon as they are released.
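One way to act on the ICCBased restriction above before a file reaches the reader, as an added example that is not part of the OpenCVE page or of Xpdf: a Python triage scan that resolves each [/ICCBased n g R] reference in an uncompressed PDF and reports streams whose /N entry is missing or outside the values 1, 3 and 4 that the PDF specification permits. It assumes plain (uncompressed) object syntax, so objects packed into object streams are not seen, and the sample PDF is constructed for the demonstration.

```python
from __future__ import annotations
import re

# PDF 32000-1 §8.6.5.5: an ICCBased stream's /N must be 1, 3 or 4 (profile component count).
VALID_N = {1, 3, 4}
_ICC_REF = re.compile(rb"\[\s*/ICCBased\s+(\d+)\s+(\d+)\s+R\s*\]")  # e.g. [/ICCBased 5 0 R]
_N_ENTRY = re.compile(rb"/N\s+(-?\d+)")

def _object_dict(data: bytes, num: int, gen: int) -> bytes | None:
    """Return the dictionary text of 'num gen obj' (uncompressed objects only)."""
    pat = rb"(?<!\d)%d\s+%d\s+obj\b(.*?)(?:\bstream\b|\bendobj\b)" % (num, gen)
    m = re.search(pat, data, re.S)
    return m.group(1) if m else None

def find_bad_iccbased_n(data: bytes) -> list[tuple[int, int | None]]:
    """List (object number, N) for each ICCBased stream whose /N is missing or
    unresolvable (reported as None) or outside {1, 3, 4}."""
    findings, seen = [], set()
    for m in _ICC_REF.finditer(data):
        num, gen = int(m.group(1)), int(m.group(2))
        if num in seen:
            continue
        seen.add(num)
        d = _object_dict(data, num, gen)
        n = _N_ENTRY.search(d) if d is not None else None
        value = int(n.group(1)) if n else None
        if value not in VALID_N:
            findings.append((num, value))
    return findings

# Constructed sample (not a real file): object 5 is well-formed, object 6 carries /N 99.
SAMPLE_PDF = b"""%PDF-1.4
5 0 obj
<< /N 3 /Alternate /DeviceRGB /Length 0 >>
stream
endstream
endobj
6 0 obj
<< /N 99 /Alternate /DeviceRGB /Length 0 >>
stream
endstream
endobj
7 0 obj
<< /Resources << /ColorSpace << /CS0 [/ICCBased 5 0 R] /CS1 [/ICCBased 6 0 R] >> >> >>
endobj
"""

if __name__ == "__main__":
    print(find_bad_iccbased_n(SAMPLE_PDF))  # [(6, 99)]
```

A non-empty result is a reason to quarantine the file rather than open it in an unpatched Xpdf; an empty result is not proof of safety, since compressed object streams are not inspected.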

Generated by OpenCVE AI on March 18, 2026 at 23:23 UTC.

Advisories

No advisories yet.

History

Thu, 19 Mar 2026 14:15:00 +0000

Type      Values Removed   Values Added
Metrics   (none)           ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 19 Mar 2026 09:45:00 +0000

Type                  Values Removed   Values Added
First Time appeared   (none)           Xpdf; Xpdf xpdf
Vendors & Products    (none)           Xpdf; Xpdf xpdf

Wed, 18 Mar 2026 22:00:00 +0000

Type          Values Removed   Values Added
Description   (none)           Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces.
Title         (none)           Out-of-bounds array write in Xpdf 4.06 due to missing validation
Weaknesses    (none)           CWE-20; CWE-787
References    (none)           (none)
Metrics       (none)           cvssV4_0: {'score': 2.1, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GandC

Published:

Updated: 2026-03-19T14:01:35.168Z

Reserved: 2026-03-18T21:24:26.684Z

Link: CVE-2026-4407

Vulnrichment

Updated: 2026-03-19T14:01:29.932Z

NVD

Status : Awaiting Analysis

Published: 2026-03-18T22:16:26.437

Modified: 2026-03-19T13:25:00.570

Link: CVE-2026-4407

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T11:52:01Z

Weaknesses