URL has been copied successfully!
Critical jsPDF Vulnerability Enables Arbitrary File Read in Node.js (CVE-2025-68428)
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Critical jsPDF Vulnerability Enables Arbitrary File Read in Node.js (CVE-2025-68428)


Tags: , ,

In January 2026, a critical security vulnerability was disclosed in jsPDF, a popular JavaScript library used to generate PDF documents. The issue, tracked as CVE-2025-68428, affects server-side Node.js deployments of jsPDF prior to version 4.0.0 and has been assigned a CVSS score of 9.2. The vulnerability is a path traversal issue that can be abused”¦

First seen on securityboulevard.com

Jump to article: securityboulevard.com/2026/01/critical-jspdf-vulnerability-enables-arbitrary-file-read-in-node-js-cve-2025-68428/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Critical RCE Vulnerability in AWS Amplify Studio PoC Now Public
  2. Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution
  3. Critical Grafana Flaw Lets Attackers Escalate Privileges
  4. 2.15M Next.js Web Services Exposed Online, Active Attacks Reported Update Immediately