CVE-2025-46656

CVSS 3.1 Score 2.9 of 10 (low)

Details

Published Apr 26, 2025

Updated: Apr 29, 2025

CWE ID 1284

Summary

CVE-2025-46656 is a vulnerability affecting the python-markdownify library, also known as markdownify, before version 0.14.1. This issue allows for unusually large headline prefixes, such as <h9999999>, beyond the standard range of <h1> to <h6>. Consequently, this leads to excessive memory consumption when processing maliciously crafted markdown input. This could potentially be exploited by attackers to cause denial of service conditions or consume significant resources on targeted systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Python-Markdownify

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/5jMUyk
https://www.cve.org/CVERecord?id=CVE-2025-46656
https://nvd.nist.gov/vuln/detail/CVE-2025-46656

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2025-46656

CVSS 3.1 Score 2.9 of 10 (low)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations