CVE-2025-55161
HIGH EXPLOITED NUCLEIStirling-PDF < 1.1.0 - Server-Side Request Forgery via Markdown to PDF Conversion
Title source: llmExploitation Summary
CVE-2025-55161 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.
Nuclei Templates (1)
Stirling-PDF SSRF via Markdown
HIGHVERIFIEDby beginee
Shodan:
http.title:"Stirling PDF"
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-ff33-grr6-rmvp
Scores
CVSS v3
8.6
EPSS
0.0836
EPSS Percentile
92.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2025-10-07
CWE
CWE-918
Status
published
Products (1)
stirlingpdf/stirling_pdf
< 1.1.0
Published
Aug 11, 2025
Tracked Since
Feb 18, 2026