VulnerabilitiesJan 9, 2026•4 min read
jsPDF Flaw Lets Attackers Embed Local Files in PDFs
CVE-2025-68428 enables path traversal in the popular JavaScript PDF library, allowing attackers to read arbitrary files from Node.js servers and exfiltrate them via generated documents.
Marcus Chen