#local-file-inclusion
#local-file-inclusion

[ follow ]

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

Critical LFI/path traversal in jsPDF (<4.0) allows attacker-controlled paths in Node.js builds to include local filesystem data into generated PDFs (CVE-2025-68428).

Information security

fromTheregister

3 months ago

Zero-day in popular file-sharing software actively exploited

Apply the available mitigation immediately for Gladinet CentreStack and Triofox to mitigate actively exploited CVE-2025-11371, as no patch is available.

[ Load more ]

#local-file-inclusion#local-file-inclusion

Critical jsPDF flaw lets hackers steal secrets via generated PDFs

Zero-day in popular file-sharing software actively exploited

#local-file-inclusion
#local-file-inclusion