A vulnerability, which was classified as problematic, has been found in Artifex MuPDF up to 1.27.0. Affected is the function fz_fill_pixmap_from_display_list. This manipulation causes double free.

This vulnerability is registered as CVE-2026-25556. Remote exploitation of the attack is possible. No exploit is available.