A vulnerability was found in Pillow up to 12.2.x. It has been classified as problematic. The impacted element is the function
FontFile.compile of the file PIL/FontFile.py of the component FontFile. The manipulation leads to allocation of resources.
This vulnerability is listed as CVE-2026-54060. The attack may be initiated remotely. There is no available exploit.