jsPDF Flaw Exposes Millions of Developers to Object Injection

A critical jsPDF flaw (CVE-2026-25755) with a CVSS score of 8.8 allows PDF Object Injection through the addJS method, potentially exposing millions of developers and users to malicious code execution. The vulnerability, present in versions prior to 4.1.0, can be mitigated by upgrading to version 4.1.0 or later and validating all user inputs.