CVE-2026-41653 - BentoPDF: Stored XSS via Markdown Editor Leading to Persistent File Exfiltration
CVE ID :CVE-2026-41653 Published : May 7, 2026, 6:43 p.m. | 20 minutes ago Description :BentoPDF is a client-side PDF toolkit that is self hostable. Prior to version 2.8.3, a cross-site scripting vulnerability was identified in BentoPD. An attacker may be able to execute arbitrary JavaScript i
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Microsoft Issues Warning About Linux 'Copy Fail' Vulnerability
- [CYBER] Dirty Frag - Linux LPE similiar to Copy Fail
- [CYBER] IMF Warns AI Will Supercharge Cyberattacks on Global Financial System
- [CYBER] Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)
- [CYBER] CVE-2026-8086 - OSGeo gdal SWapi.c SWnentries heap-based overflow
- [CYBER] Writing Custom SAST Rules for Vulnerabilities Your Scanner Doesn't Cover