CVE-2026-25755
HIGH
GHSA-9vjf-qc39-jprp
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Lifecycle Timeline
4Tags
Description
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the argument of the `addJS` method allows an attacker to inject arbitrary PDF objects into the generated document. By crafting a payload that escapes the JavaScript string delimiter, an attacker can execute malicious actions or alter the document structure, impacting any user who opens the generated PDF. The vulnerability has been fixed in [email protected]. As a workaround, escape parentheses in user-provided JavaScript code before passing them to the `addJS` method.
Analysis
Arbitrary PDF object injection in jsPDF before 4.2.0 allows unauthenticated attackers to execute malicious actions or manipulate document structure through unvalidated input to the addJS method, affecting any user opening a crafted PDF. Public exploit code exists for this vulnerability. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all applications and systems using jsPDF and their version numbers; assess whether user-controlled input reaches the addJS method. Within 7 days: Upgrade jsPDF to version 4.2.0 or later across all development and production environments; validate upgrades in staging environments first. …
Sign in for detailed remediation steps.
Priority Score
Vendor Status
Share
External POC / Exploit Code
Leaving vuln.today