CVE-2025-46206 PoC — artifex mupdf 安全漏洞

Source

https://github.com/Landw-hub/CVE-2025-46206

Associated Vulnerability

Title:artifex mupdf 安全漏洞 (CVE-2025-46206)
Description:An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion

Readme

There is a denial of service vulnerability in MuPDF 1.25.6 and earlier versions. When an attacker runs the "mutool clean poc /dev/null" command, the program will fall into an infinite recursion between the strip_outlines() and strip_outline() functions in pdf-clean-file.c until the stack is exhausted.

See the attachment for the specific POC file, vulnerability cause, reproduction process and repair suggestions.

The vendor (Artifex Software, maintainer of MuPDF) has acknowledged the issue and fixed the bug. The fix has been committed in their official repository.

Here is the public link to the patch / commit provided by the vendor:
https://bugs.ghostscript.com/show_bug.cgi?id=708521
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0ec7e4d2201bb6df217e01c17396d36297abf9ac

This confirms that the vulnerability has been acknowledged and remediated.

File Snapshot


 [4.0K]  /data/pocs/eb00f2929b18118c0c17507ec60cc63c793397c3
├── [1.4K]  mupdf-clean-poc
├── [ 878]  README.md
├── [638K]  vulnerability cause.doc
└── [517K]  vulnerability reproduction process.doc

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!