CRITICAL
DHTMLX
CVE published 2026-05-15
CVE-2026-41553
CVE-2026-41553 is a critical remote code execution issue in DHTMLX’s PDF Export Module, which is used in DHTMLX Gantt and Scheduler. According to NVD and the referenced vendor materials, an unauthenticated attacker can supply malicious content through the "data" parameter, where it is processed by Node.js and executed. The issue was fixed in PDF Export Module version 0.7.6. Because the flaw is network-rea [truncated]