HTML Injection (CVE-2026-31938) affects `jsPDF`'s New Window paths, potentially leading to client-side script execution. Review usage for untrusted input. #jsPDF #HTMLInjection #infosec pulsepatch.io/posts/cve-2026…