PatchSiren

Apryse CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Apryse CVE published 2026-01-22

CVE-2025-56589

CVE-2025-56589 is a high-severity vulnerability (CVSS Score: 7.5) affecting the Apryse HTML2PDF SDK through version 11.6.0. This vulnerability involves a Local File Inclusion (LFI) and a Server-Side Request Forgery (SSRF) issue in the InsertFromHtmlString() function. These vulnerabilities could allow an attacker to read local files on the server or make arbitrary HTTP requests to internal or external serv [truncated]