If you're considering PuppeteerSharp for PDF generation, here's the version of the story that doesn't show up in the "getting started" docs.
DirtyClone, tracked as CVE-2026-43503, is a Linux kernel vulnerability that allows any local user to gain root privileges.