关键漏洞信息 漏洞名称: MuPDF <= 1.27.0 Barcode Decoding Double Free 严重性: MEDIUM 日期: 2/6/2026 影响范围: MuPDF <= 1.23.0 漏洞描述 MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in when an exception occurs during display list rendering. The function accepts a caller-owned pointer but incorrectly drops the pixmap in its error handling path before rethrowing the exception. Callers (including the barcode decoding path in ) also drop the same pixmap in cleanup, resulting in a double-free that can corrupt the heap and crash the process. This issue affects applications that enable and use MuPDF barcode decoding and can be triggered by processing crafted input that causes a rendering-time error while decoding barcodes. 参考资料 CVE-2026-25556 CVE-415 Double Free Bug Tracker Entry Fixed Commit MuPDF Product Webpage 贡献者 Pavel Kohout, Aisle Research (www.aisle.com)