Uncontrolled Memory Allocation in Pillow - CVE-2026-54059
Published: July 3, 2026
Pillow
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to memory allocation with excessive size value in PcfFontFile._load_bitmaps() when parsing a crafted PCF font file. A remote attacker can supply a crafted PCF font with oversized glyph dimensions to cause a denial of service.
The issue occurs because glyph dimensions from the PCF METRICS section are passed to Image.frombytes() without a decompression bomb check before memory allocation.