Topic: cve-2025-68428

Sort by: Relevance | Date
  • Critical jsPDF Flaw Exposes Secrets in Generated PDFs
    January 9, 2026
    95%

    Critical jsPDF Flaw Exposes Secrets in Generated PDFs

    A high-severity vulnerability (CVE-2025-68428) in the widely used jsPDF library allows attackers to steal local server files by exploiting a path traversal flaw in its Node.js version. The flaw affects several file-loading functions and was fixed in version 4.0.0, which uses Node.js's permission ...

    Read More »

Related Topics

active exploitation (1) security bulletin (1) vulnerability fix (1) input sanitization (1) local file inclusion (1) path traversal (1) jspdf vulnerability (1) node.js builds (1)