Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package pdfmake, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2025-11362 — CVSS 7.5 (high): Versions of the package pdfmake before 0.3.0-beta.17 are vulnerable to Allocation of Resources Without Limits or Throttling via repeatedly…
CVE-2026-26801 — CVSS 7.5 (high): Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain…