PT-2026-28483 · Unknown · Stirling-Pdf

Crocogab · Published 2026-03-26 · Updated 2026-03-26 · CVE-2026-33438

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Stirling-PDF versions 2.1.5 through 2.5.1

Description

Stirling-PDF is a locally hosted web application for PDF file operations. An authenticated user can trigger a Denial of Service (DoS) condition by submitting extreme values for the fontSize and widthSpacer parameters to the /api/v1/security/add-watermark endpoint. This can lead to resource exhaustion and server crashes.

Recommendations

Versions prior to 2.5.2 should be updated to version 2.5.2 or later.

Exploit

Fix

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2026-33438
GHSA-3932-2RFQ-87XM

Affected Products

Stirling-Pdf