HIGH
JazzCore
CVE published 2026-06-17
CVE-2025-26240
A high-severity vulnerability (CVSS Score: 8.4) was discovered in python-pdfkit 1.0.0, enabling the execution of JavaScript code within the server application's context and allowing for the exfiltration of local files. This issue was publicly disclosed on June 17, 2026. The vulnerability is tracked as CVE-2025-26240 and affects the python-pdfkit library. Users of this library should take immediate action [truncated]