CVE-2026-25940

{"id": "CVE-2026-25940", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2026-02-19T16:27:15.660", "references": [{"url": "https://github.com/parallax/jsPDF/commit/71ad2dbfa6c7c189ab42b855b782620fa8a38375", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/parallax/jsPDF/releases/tag/v4.2.0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-p5xg-68wr-hm3m", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-116"}]}], "descriptions": [{"lang": "en", "value": "jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following property, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim hovers over the radio option. The vulnerability has been fixed in jsPDF@4.2.0. As a workaround, sanitize user input before passing it to the vulnerable API members."}, {"lang": "es", "value": "jsPDF es una biblioteca para generar PDFs en JavaScript. Anterior a la versi\u00f3n 4.2.0, el control por parte del usuario de las propiedades y m\u00e9todos del m\u00f3dulo Acroform permite a los usuarios inyectar objetos PDF arbitrarios, como acciones de JavaScript. Si se le da la posibilidad de pasar entrada no saneada a una de las siguientes propiedades, un usuario puede inyectar objetos PDF arbitrarios, como acciones de JavaScript, que se ejecutan cuando la v\u00edctima pasa el cursor sobre la opci\u00f3n de radio. La vulnerabilidad ha sido corregida en jsPDF@4.2.0. Como soluci\u00f3n alternativa, sanee la entrada del usuario antes de pasarla a los miembros vulnerables de la API."}], "lastModified": "2026-02-23T18:50:02.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:parall:jspdf:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "7EACE56E-B77C-421B-AAFE-F5FD3C80FE94", "versionEndExcluding": "4.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}