CVE-2025-68428 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-68428 PUBLISHED CVSS 9.199999809265137 CRITICAL

jsPDF has Local File Inclusion/Path Traversal vulnerability

EPSS 0.02% · 6.3th percentile

Risk Scores

CVSS v4.0

9.199999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

EPSS Score

0.02%

6.3th percentile

Affected Products

Vendor	Product	Versions
parall	jspdf	0
parallax	jsPDF	< 4.0.0
npm	jspdf	0

Timeline

Jan 5, 2026 CVE Published
Jan 6, 2026 CVE Updated
Jan 6, 2026 EPSS Score
Jan 6, 2026 PoC Published
Jan 6, 2026 PoC Published
Jan 6, 2026 PoC Published
Jan 6, 2026 PoC Published
Jan 6, 2026 PoC Published
Jan 6, 2026 PoC Published
Jan 7, 2026 PoC Published
Jan 7, 2026 PoC Published
Jan 7, 2026 PoC Published

References

Open in Interactive Console →