CVE-2026-25630

Name of the Vulnerable Software and Affected Versions jsPDF versions prior to 4.0.0 SurveyJS PDF Generator versions 1.12.58 and lower SurveyJS PDF Generator versions 2.5.4 and lower

Description A local file inclusion or path traversal issue was identified in jsPDF. Because SurveyJS PDF Generator depends on jsPDF, projects using SurveyJS PDF Generator v1.12.58 and lower or v2.5.4 and lower could be affected. No other SurveyJS PDF Generator dependencies are affected.

Recommendations Upgrade SurveyJS PDF Generator to version 1.12.59 or later. Upgrade SurveyJS PDF Generator to version 2.5.5 or later. Upgrade jsPDF to version 4.0.0 or later.