
13 matches found

NVD
added 2026/05/14 4:16 p.m., 6 views

CVE-2026-42591

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

CVSS 8.2 · EPSS 0.00039
Exploits 1 · References 1

Cvelist
added 2026/05/14 3:20 p.m., 35 views

CVE-2026-42591 Gotenberg: Server-Side Request Forgery (SSRF) in github.com/gotenberg/gotenberg/v8

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

CVSS 8.2 · EPSS 0.00039
Exploits 1 · References 1

ATTACKERKB
added 2026/05/14 3:20 p.m., 3 views

CVE-2026-42591

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

CVSS 8.2 · AI score 5.8 · EPSS 0.00039
Exploits 1 · References 2 · Affected Software 1

CVE
added 2026/05/14 3:20 p.m., 11 views

CVE-2026-42591

CVE-2026-42591 (Gotenberg) affects the LibreOffice conversion endpoint in Gotenberg up to version 8.32.0. Uploaded documents are passed directly to LibreOffice for conversion without content inspection, enabling SSRF because LibreOffice can fetch embedded external URLs on its own, bypassing the G...

CVSS 8.2 · AI score 5.8 · EPSS 0.00039
Exploits 1 · References 1 · Affected Software 1

RedhatCVE
added 2026/03/26 3:1 p.m., 3 views

CVE-2026-27625

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. In versions prior to 2.5.2, the /api/v1/convert/markdown/pdf endpoint extracts user-supplied ZIP entries without path checks. Any authenticated user can write files outside the intended temporary worki...

CVSS 8.1 · AI score 5.9 · EPSS 0.00022
Exploits 1 · References 1

NVD
added 2026/01/12 12:16 p.m., 2 views

CVE-2025-40978

Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request to ‘/ticket/x/conversion’, using the ‘replydescription’ parameter...

CVSS 5.1 · EPSS 0.0009
Exploits 0 · References 1

CVE
added 2026/01/12 11:28 a.m., 8 views

CVE-2025-40978

WorkDo eCommerceGo SaaS is affected by a Stored Cross-Site Scripting (XSS) vulnerability. The issue stems from insufficient validation of user input delivered via a POST to /ticket/x/conversion using the reply_description parameter, enabling stored XSS. The Red Hat/CIRCL/CNNVD entries corroborate...

CVSS 5.1 · AI score 4.5 · EPSS 0.0009
Exploits 0 · References 1

CNNVD
added 2026/01/12 12:0 a.m., 3 views

WorkDo HRM SaaS HR and Payroll Tool cross-site scripting vulnerability

WorkDo HRM SaaS HR and Payroll Tool is a human resource management software from WorkDo, Inc. WorkDo HRM SaaS HR and Payroll Tool suffers from a cross-site scripting vulnerability that stems from insufficient validation of user input for the replydescription parameter when sending a POST request ...

CVSS 5.1 · AI score 5.9 · EPSS 0.0009
Exploits 0 · References 1

Positive Technologies
added 2026/01/12 12:0 a.m., 2 views

PT-2026-1801

Name of the Vulnerable Software and Affected Versions: WorkDo eCommerceGo SaaS, affected versions not specified. Description: A stored Cross-Site Scripting (XSS) issue exists due to insufficient validation of user-supplied data. The issue involves sending a POST request to the '/ticket/x/conversion'...

CVSS 5.1 · AI score 5.9 · EPSS 0.0009
Exploits 0 · References 6

OSV
added 2025/12/10 12:36 a.m., 4 views

CVE-2025-67506 PipesHub Vulnerable to Path Traversal through Unauthenticated Arbitrary File Upload

PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert through missing authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice by uploading payload...

CVSS 9.8 · AI score 7 · EPSS 0.00383
Exploits 1 · References 4

CVE
added 2025/08/11 9:57 p.m., 18 views

CVE-2025-55150

Stirling-PDF prior to version 1.1.0 is affected by an SSRF vulnerability in the HTML-to-PDF conversion path. Specifically, the /api/v1/convert/html/pdf endpoint uses a sanitizer during HTML processing that can be bypassed, allowing the backend to trigger requests to external resources via a third...

CVSS 9.8 · AI score 7 · EPSS 0.07005
Exploits 0 · References 2 · Affected Software 1

OSV
added 2025/08/11 9:57 p.m., 2 views

CVE-2025-55150 Stirling-PDF SSRF vulnerability on /api/v1/convert/html/pdf

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization...

CVSS 8.6 · AI score 6.6 · EPSS 0.07005
Exploits 0 · References 4

Positive Technologies
added 2025/03/20 12:0 a.m., 2 views

PT-2025-12199 · Unknown · Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui version 0.3.8. Description: An endpoint for converting Markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of...

CVSS 7.5 · AI score 7.3 · EPSS 0.00411
Exploits 1 · References 8