Dhtmlx Pdf Export Module vulnerabilities
2 known vulnerabilities affecting dhtmlx/pdf_export_module.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2026-41553P2CRITICALCVSS 10.0fixed in 0.7.6≥ 0.3.3, < 0.7.62026-05-15
CVE-2026-41553 [CRITICAL] CWE-78 CVE-2026-41553: PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Executi
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed. This can lead to server compromise.
This issue was
nvd
CVE-2026-41552P3HIGHCVSS 7.5≥ 0.3.3, < 0.7.62026-05-15
CVE-2026-41552 [HIGH] CWE-22 CVE-2026-41552: PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include
local files from the server and display them in the generated PDF.
This issue was fixed in PDF Export Module version 0.7.6.
nvd