Home / mailings [USN-8400-1] poppler vulnerability
Posted on 08 June 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8400-1
June 08, 2026
poppler vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
poppler could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- poppler: PDF rendering library
Details:
It was discovered that poppler incorrectly handled certain malformed PDF
tiling patterns in the Splash backend. An attacker could possibly use this
issue to execute arbitrary code, obtain sensitive information, or cause a
denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libpoppler156 26.01.0-2ubuntu0.1
poppler-utils 26.01.0-2ubuntu0.1
Ubuntu 25.10
libpoppler147 25.03.0-10ubuntu0.2
poppler-utils 25.03.0-10ubuntu0.2
Ubuntu 24.04 LTS
libpoppler134 24.02.0-1ubuntu9.9
poppler-utils 24.02.0-1ubuntu9.9
Ubuntu 22.04 LTS
libpoppler118 22.02.0-2ubuntu0.13
poppler-utils 22.02.0-2ubuntu0.13
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8400-1
CVE-2026-10118
Package Information:
https://launchpad.net/ubuntu/+source/poppler/26.01.0-2ubuntu0.1
https://launchpad.net/ubuntu/+source/poppler/25.03.0-10ubuntu0.2
https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.9
https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.13
--===============6340904910494157547==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
