CVE-2025-55161 – Stirling-PDF SSRF

August 11, 2025

CVE ID : CVE-2025-55161

Published : Aug. 11, 2025, 11:15 p.m. | 1 hour, 7 minutes ago

Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleReact Native 0.81 – Android 16 support, faster iOS builds, and more

Next Article CVE-2025-55158 – Vim Double-Free Typval Management Vulnerability

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-55161 – Stirling-PDF SSRF

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Microsoft is on track to become the second $4 trillion company by market cap, following NVIDIA — and mass layoffs

Xbox is so obsessed with cloud gaming and PC hybrids — it might miss the GTA 6 gold rush that could actually sell consoles

Microsoft says it’s committed to Windows 11 performance upgrade, needs feedback

Here’s the secret behind Microsoft’s AI agents — meet Mu, the compact AI model transforming Settings on your PC

CVE-2025-20670 – Huawei Modem Certificate Validation Bypass Remote Information Disclosure Vulnerability

CVE-2025-35996 – KUNBUS PiCtory Stored Cross-Site Scripting (XSS)

CVE-2025-46657 – Karaz Karazal Reflected Cross-Site Scripting (XSS)

Il kernel Linux 6.13 ha raggiunto la fine del suo ciclo di supporto: è tempo di aggiornare alla versione 6.14

CVE-2025-55161 – Stirling-PDF SSRF

Related Posts