Lucene search
K

7 matches found

GithubExploit
GithubExploit
added 2026/03/02 2:32 a.m.186 views

Exploit for Improper Encoding or Escaping of Output in Parall Jspdf

CVE-2026-25940 jsPDF PoC A proof-of-concept for CVE-2026-2594...

8.1CVSS5.9AI score0.0043EPSS
Exploits1
Chainguard
Chainguard
added 2026/02/25 1:17 a.m.9 views

CVE-2026-25940 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, opensearch-dashboards-fips...

9.6CVSS5.9AI score0.0043EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/19 7:32 p.m.8 views

360shitu (=0.1.0), @0soft/zero-material-ui (>=0.0.1 <=0.0.25) +2560 more potentially affected by CVE-2026-25940 via jspdf (>=1.0.272 <=4.1.0)

jspdf NPM version =1.0.272, =0.0.1, =1.0.0, =1.0.162, =1.0.0, =1.10.7, =1.0.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.0.6-alpha-20250721082600-ce7ebb6451f30eea451674d42a9ab1b32b0d5c66, =1.0.0, =1.1.3 and more Source cves: CVE-2026-25940 Source advisory: OSV:GHSA-P5XG-68WR-HM3M...

9.6CVSS5.7AI score0.0043EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/19 7:32 p.m.7 views

@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +10 more potentially affected by CVE-2026-25940 via jspdf (>=4.0.0 <=4.1.0)

jspdf NPM version =4.0.0, =0.0.23, =0.1.2, =1.0.8, =1.4.0, =0.5.129, =0.112.0-79, =0.111.0-7, =0.111.0-7, =0.111.0-7, =4.4.0, =4.4.1 - svgedit =7.4.1 Source cves: CVE-2026-25940 Source advisory: SNYK:JS-JSPDF-15322684...

9.6CVSS5.7AI score0.0043EPSS
Exploits1
Circl
Circl
added 2026/02/19 4:30 p.m.7 views

CVE-2026-25940

creationtimestamp| type| source ---|---|--- 2026-02-19 16:30:19+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mf7zczbkxv2o 2026-02-19 16:30:21+00:00| seen| https://infosec.exchange/users/offseq/statuses/116098244070941374 2026-02-19 16:31:25+00:00| seen|...

9.6CVSS4.7AI score0.0043EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 4:27 p.m.11 views

CVE-2026-25940

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following property, a user ca...

9.6CVSS0.0043EPSS
Exploits1References8
OSV
OSV
added 2026/02/19 3:26 p.m.7 views

CVE-2026-25940 jsPDF's PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.createOption and "AS" property)

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following property, a user ca...

8.1CVSS5.7AI score0.0043EPSS
Exploits1References10
Rows per page
Query Builder