Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-24737

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following methods or properties, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim opens the document. The vulnerable API members are AcroformChoiceField.addOption, AcroformChoiceField.setOptions, AcroFormCheckBox.appearanceState, and AcroFormRadioButton.appearanceState. The vulnerability has been fixed in jsPDF@4.1.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.5%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2026-24737
  • Parall » Jspdf » Version: N/A
    cpe:2.3:a:parall:jspdf:-
  • Parall » Jspdf » Version: 0.9.0
    cpe:2.3:a:parall:jspdf:0.9.0
  • Parall » Jspdf » Version: 1.0.106
    cpe:2.3:a:parall:jspdf:1.0.106
  • Parall » Jspdf » Version: 1.0.115
    cpe:2.3:a:parall:jspdf:1.0.115
  • Parall » Jspdf » Version: 1.0.116
    cpe:2.3:a:parall:jspdf:1.0.116
  • Parall » Jspdf » Version: 1.0.119
    cpe:2.3:a:parall:jspdf:1.0.119
  • Parall » Jspdf » Version: 1.0.138
    cpe:2.3:a:parall:jspdf:1.0.138
  • Parall » Jspdf » Version: 1.0.150
    cpe:2.3:a:parall:jspdf:1.0.150
  • Parall » Jspdf » Version: 1.0.178
    cpe:2.3:a:parall:jspdf:1.0.178
  • Parall » Jspdf » Version: 1.0.272
    cpe:2.3:a:parall:jspdf:1.0.272
  • Parall » Jspdf » Version: 1.1.135
    cpe:2.3:a:parall:jspdf:1.1.135
  • Parall » Jspdf » Version: 1.2.60
    cpe:2.3:a:parall:jspdf:1.2.60
  • Parall » Jspdf » Version: 1.2.61
    cpe:2.3:a:parall:jspdf:1.2.61
  • Parall » Jspdf » Version: 1.3.0
    cpe:2.3:a:parall:jspdf:1.3.0
  • Parall » Jspdf » Version: 1.3.1
    cpe:2.3:a:parall:jspdf:1.3.1
  • Parall » Jspdf » Version: 1.3.2
    cpe:2.3:a:parall:jspdf:1.3.2
  • Parall » Jspdf » Version: 1.3.3
    cpe:2.3:a:parall:jspdf:1.3.3
  • Parall » Jspdf » Version: 1.3.4
    cpe:2.3:a:parall:jspdf:1.3.4
  • Parall » Jspdf » Version: 1.3.5
    cpe:2.3:a:parall:jspdf:1.3.5
  • Parall » Jspdf » Version: 1.4.0
    cpe:2.3:a:parall:jspdf:1.4.0
  • Parall » Jspdf » Version: 1.4.1
    cpe:2.3:a:parall:jspdf:1.4.1
  • Parall » Jspdf » Version: 1.5.0
    cpe:2.3:a:parall:jspdf:1.5.0
  • Parall » Jspdf » Version: 1.5.1
    cpe:2.3:a:parall:jspdf:1.5.1
  • Parall » Jspdf » Version: 1.5.2
    cpe:2.3:a:parall:jspdf:1.5.2
  • Parall » Jspdf » Version: 1.5.3
    cpe:2.3:a:parall:jspdf:1.5.3
  • Parall » Jspdf » Version: 2.0.0
    cpe:2.3:a:parall:jspdf:2.0.0
  • Parall » Jspdf » Version: 2.1.1
    cpe:2.3:a:parall:jspdf:2.1.1
  • Parall » Jspdf » Version: 2.2.0
    cpe:2.3:a:parall:jspdf:2.2.0
  • Parall » Jspdf » Version: 2.3.0
    cpe:2.3:a:parall:jspdf:2.3.0
  • Parall » Jspdf » Version: 2.3.1
    cpe:2.3:a:parall:jspdf:2.3.1
  • Parall » Jspdf » Version: 2.4.0
    cpe:2.3:a:parall:jspdf:2.4.0
  • Parall » Jspdf » Version: 2.5.0
    cpe:2.3:a:parall:jspdf:2.5.0
  • Parall » Jspdf » Version: 2.5.1
    cpe:2.3:a:parall:jspdf:2.5.1
  • Parall » Jspdf » Version: 2.5.2
    cpe:2.3:a:parall:jspdf:2.5.2
  • Parall » Jspdf » Version: 3.0.0
    cpe:2.3:a:parall:jspdf:3.0.0
  • Parall » Jspdf » Version: 3.0.1
    cpe:2.3:a:parall:jspdf:3.0.1
  • Parall » Jspdf » Version: 3.0.2
    cpe:2.3:a:parall:jspdf:3.0.2
  • Parall » Jspdf » Version: 3.0.3
    cpe:2.3:a:parall:jspdf:3.0.3
  • Parall » Jspdf » Version: 3.0.4
    cpe:2.3:a:parall:jspdf:3.0.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved