Information security
fromBleepingComputer
2 days agoCritical jsPDF flaw lets hackers steal secrets via generated PDFs
Critical LFI/path traversal in jsPDF (<4.0) allows attacker-controlled paths in Node.js builds to include local filesystem data into generated PDFs (CVE-2025-68428).