{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-41552","assignerOrgId":"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6","state":"PUBLISHED","assignerShortName":"CERT-PL","dateReserved":"2026-04-21T12:09:57.293Z","datePublished":"2026-05-15T12:31:21.791Z","dateUpdated":"2026-05-15T13:14:32.252Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"PDF Export Module","vendor":"DHTMLX","versions":[{"lessThan":"0.7.6","status":"affected","version":"0.3.3","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"Łukasz Jaworski (Pentest Limited)"},{"lang":"en","type":"finder","value":"Tomasz Holeksa (Pentest Limited)"}],"datePublic":"2026-05-15T12:31:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to&nbsp;Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft an HTML payload that includes local files from the server, which are then displayed in the generated PDF.  <br><br>This issue was fixed in PDF Export Module version 0.7.6.<br>"}],"value":"PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft an HTML payload that includes local files from the server, which are then displayed in the generated PDF.  
\n\nThis issue was fixed in PDF Export Module version 0.7.6."}],"impacts":[{"capecId":"CAPEC-126","descriptions":[{"lang":"en","value":"CAPEC-126 Path Traversal"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":9.2,"baseSeverity":"CRITICAL","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-22","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"4bb8329e-dd38-46c1-aafb-9bf32bcb93c6","shortName":"CERT-PL","dateUpdated":"2026-05-15T12:32:07.928Z"},"references":[{"tags":["third-party-advisory"],"url":"https://cert.pl/en/posts/2026/05/CVE-2026-7182"},{"tags":["release-notes"],"url":"https://docs.dhtmlx.com/gantt/guides/pdf-export-module-whatsnew/#076:~:text=Fixed%20Remote%20Code%20Execution%20and%20File%20Read%20vulnerabilities"}],"source":{"discovery":"EXTERNAL"},"title":"Path Traversal in PDF Export Module","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-15T13:14:26.119075Z","id":"CVE-2026-41552","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP 
Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-15T13:14:32.252Z"}}]}}