{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33438", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-19T18:45:22.437Z", "datePublished": "2026-03-26T16:58:07.485Z", "dateUpdated": "2026-03-26T17:34:32.654Z"}, "containers": {"cna": {"title": "Stirling-PDF vulnerable to DoS via add-watermark", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm"}], "affected": [{"vendor": "Stirling-Tools", "product": "Stirling-PDF", "versions": [{"version": ">= 2.1.5, < 2.5.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:58:07.485Z"}, "descriptions": [{"lang": "en", "value": "Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/api/v1/security/add-watermark` endpoint). The vulnerability allows authenticated users to cause resource exhaustion and server crashes by providing extreme values for the `fontSize` and `widthSpacer` parameters. Version 2.5.2 patches the issue."}], "source": {"advisory": "GHSA-3932-2rfq-87xm", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T17:34:29.197832Z", "id": "CVE-2026-33438", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:34:32.654Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33438", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T17:34:29.197832Z"}}}], "references": [{"url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T17:34:23.179Z"}}], "cna": {"title": "Stirling-PDF vulnerable to DoS via add-watermark", "source": {"advisory": "GHSA-3932-2rfq-87xm", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Stirling-Tools", "product": "Stirling-PDF", "versions": [{"status": "affected", "version": ">= 2.1.5, < 2.5.2"}]}], "references": [{"url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm", "name": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/api/v1/security/add-watermark` endpoint). The vulnerability allows authenticated users to cause resource exhaustion and server crashes by providing extreme values for the `fontSize` and `widthSpacer` parameters. Version 2.5.2 patches the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:58:07.485Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33438", "state": "PUBLISHED", "dateUpdated": "2026-03-26T17:34:32.654Z", "dateReserved": "2026-03-19T18:45:22.437Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T16:58:07.485Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. Versions starting in 2.1.5 and prior to 2.5.2 have Denial of Service (DoS) vulnerability in the Stirling-PDF watermark functionality (`/api/v1/security/add-watermark` endpoint). The vulnerability allows authenticated users to cause resource exhaustion and server crashes by providing extreme values for the `fontSize` and `widthSpacer` parameters. Version 2.5.2 patches the issue."}, {"lang": "es", "value": "Stirling-PDF es una aplicaci\u00f3n web alojada localmente que permite realizar diversas operaciones en archivos PDF. Las versiones a partir de la 2.1.5 y anteriores a la 2.5.2 tienen una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la funcionalidad de marca de agua de Stirling-PDF (punto de conexi\u00f3n '/api/v1/security/add-watermark'). La vulnerabilidad permite a usuarios autenticados causar agotamiento de recursos y ca\u00eddas del servidor al proporcionar valores extremos para los par\u00e1metros 'fontSize' y 'widthSpacer'. La versi\u00f3n 2.5.2 corrige el problema."}], "id": "CVE-2026-33438", "lastModified": "2026-03-30T13:26:50.827", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-03-26T17:16:40.657", "references": [{"source": "[email protected]", "url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-3932-2rfq-87xm"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "[email protected]", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.1.5,2.5.2)"}}], "enrichment": {"confidence": 82.0, "confidence_source": "matching", "scores": [{"score": 82.0, "source": "matching"}]}, "original": {"product": "Stirling-PDF", "source": "cna", "vendor": "Stirling-Tools"}, "product": "stirling_pdf", "vendor": "stirlingpdf"}], "analysis": {"en": {"generated_at": "2026-03-26T18:24:50.431627+00:00", "value": {"mitigation_remediation": ["Upgrade to Stirling\u2011PDF version 2.5.2 or later.", "Verify the upgrade by testing the /api/v1/security/add\u2011watermark endpoint for correct behavior and confirm no crash.", "Restrict user roles that have access to the watermark endpoint if an immediate upgrade is not possible.", "Monitor server health metrics and log entries for repeated high\u2011fontSize or widthSpacer usage to detect attempts."], "summary": {"action": "Patch Immediately", "impact": "Denial of Service (resource exhaustion)"}, "threat_synthesis": {"affected_systems": "The flaw affects Stirling\u2011Tools' Stirling\u2011PDF from version 2.1.5 up to, but not including, 2.5.2. All deployments of the application using those releases are susceptible unless the watermark endpoint has been disabled.", "description_and_impact": "The vulnerability in Stirling-PDF allows an authenticated user to trigger a crash of the web application by supplying extreme fontSize and widthSpacer values to the water\u2011marking API. Crafting such a request causes the server to deplete system resources, potentially resulting in service unavailability. This weakness is categorized under CWE\u2011770, reflecting resource exhaustion.", "risk_and_exploitability": "The CVSS score of 6.5 indicates moderate severity. The exploit probability (EPSS) is unavailable, and the vulnerability is not listed in the CISA KEV catalog. Attackers would need valid authentication on the target instance to send the crafted request; once authenticated, they can easily consume resources and cause a denial of service. The absence of a public exploit does not reduce the importance of patching, as the vulnerability can be abused with ordinary credentials."}}}}, "created": "2026-03-27T08:33:40.254036+00:00", "updated": "2026-03-27T09:26:05.576411+00:00", "vendors": ["stirlingpdf", "stirlingpdf$PRODUCT$stirling_pdf"]}