CVE-2026-33438 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have…
Medium CVSS: 6.5

CVE-2026-33438

Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/api/v1/security/add-watermark` endpoint). The vulnerability allows authenticated users to cause resource exhaustion and server crashes by providing extreme values for the `fontSize` and `widthSpacer` parameters. Version 2.5.2 patches the issue.
Vendor
Stirling
Product
Stirling Pdf
CWE
CWE-770
Yayın Tarihi
2026-03-26 17:16:40
Güncelleme
2026-03-31 21:37:52
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-770 Stirling Pdf MEDIUM Stirling 2026

Referanslar

https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm