Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-25535

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the `addImage` method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the `addImage` method, a user can provide a harmful GIF file that results in out of memory errors and denial of service. Harmful GIF files have large width and/or height entries in their headers, which lead to excessive memory allocation. Other affected methods are: `html`. The vulnerability has been fixed in jsPDF 4.2.0. As a workaround, sanitize image data or URLs before passing it to the addImage method or one of the other affected methods.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.9%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-25535
  • Parall » Jspdf » Version: N/A
    cpe:2.3:a:parall:jspdf:-
  • Parall » Jspdf » Version: 0.9.0
    cpe:2.3:a:parall:jspdf:0.9.0
  • Parall » Jspdf » Version: 1.0.106
    cpe:2.3:a:parall:jspdf:1.0.106
  • Parall » Jspdf » Version: 1.0.115
    cpe:2.3:a:parall:jspdf:1.0.115
  • Parall » Jspdf » Version: 1.0.116
    cpe:2.3:a:parall:jspdf:1.0.116
  • Parall » Jspdf » Version: 1.0.119
    cpe:2.3:a:parall:jspdf:1.0.119
  • Parall » Jspdf » Version: 1.0.138
    cpe:2.3:a:parall:jspdf:1.0.138
  • Parall » Jspdf » Version: 1.0.150
    cpe:2.3:a:parall:jspdf:1.0.150
  • Parall » Jspdf » Version: 1.0.178
    cpe:2.3:a:parall:jspdf:1.0.178
  • Parall » Jspdf » Version: 1.0.272
    cpe:2.3:a:parall:jspdf:1.0.272
  • Parall » Jspdf » Version: 1.1.135
    cpe:2.3:a:parall:jspdf:1.1.135
  • Parall » Jspdf » Version: 1.2.60
    cpe:2.3:a:parall:jspdf:1.2.60
  • Parall » Jspdf » Version: 1.2.61
    cpe:2.3:a:parall:jspdf:1.2.61
  • Parall » Jspdf » Version: 1.3.0
    cpe:2.3:a:parall:jspdf:1.3.0
  • Parall » Jspdf » Version: 1.3.1
    cpe:2.3:a:parall:jspdf:1.3.1
  • Parall » Jspdf » Version: 1.3.2
    cpe:2.3:a:parall:jspdf:1.3.2
  • Parall » Jspdf » Version: 1.3.3
    cpe:2.3:a:parall:jspdf:1.3.3
  • Parall » Jspdf » Version: 1.3.4
    cpe:2.3:a:parall:jspdf:1.3.4
  • Parall » Jspdf » Version: 1.3.5
    cpe:2.3:a:parall:jspdf:1.3.5
  • Parall » Jspdf » Version: 1.4.0
    cpe:2.3:a:parall:jspdf:1.4.0
  • Parall » Jspdf » Version: 1.4.1
    cpe:2.3:a:parall:jspdf:1.4.1
  • Parall » Jspdf » Version: 1.5.0
    cpe:2.3:a:parall:jspdf:1.5.0
  • Parall » Jspdf » Version: 1.5.1
    cpe:2.3:a:parall:jspdf:1.5.1
  • Parall » Jspdf » Version: 1.5.2
    cpe:2.3:a:parall:jspdf:1.5.2
  • Parall » Jspdf » Version: 1.5.3
    cpe:2.3:a:parall:jspdf:1.5.3
  • Parall » Jspdf » Version: 2.0.0
    cpe:2.3:a:parall:jspdf:2.0.0
  • Parall » Jspdf » Version: 2.1.1
    cpe:2.3:a:parall:jspdf:2.1.1
  • Parall » Jspdf » Version: 2.2.0
    cpe:2.3:a:parall:jspdf:2.2.0
  • Parall » Jspdf » Version: 2.3.0
    cpe:2.3:a:parall:jspdf:2.3.0
  • Parall » Jspdf » Version: 2.3.1
    cpe:2.3:a:parall:jspdf:2.3.1
  • Parall » Jspdf » Version: 2.4.0
    cpe:2.3:a:parall:jspdf:2.4.0
  • Parall » Jspdf » Version: 2.5.0
    cpe:2.3:a:parall:jspdf:2.5.0
  • Parall » Jspdf » Version: 2.5.1
    cpe:2.3:a:parall:jspdf:2.5.1
  • Parall » Jspdf » Version: 2.5.2
    cpe:2.3:a:parall:jspdf:2.5.2
  • Parall » Jspdf » Version: 3.0.0
    cpe:2.3:a:parall:jspdf:3.0.0
  • Parall » Jspdf » Version: 3.0.1
    cpe:2.3:a:parall:jspdf:3.0.1
  • Parall » Jspdf » Version: 3.0.2
    cpe:2.3:a:parall:jspdf:3.0.2
  • Parall » Jspdf » Version: 3.0.3
    cpe:2.3:a:parall:jspdf:3.0.3
  • Parall » Jspdf » Version: 3.0.4
    cpe:2.3:a:parall:jspdf:3.0.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved