Inkscape Inkscape
7 CVEs affecting Inkscape Inkscape. Latest disclosed: 2026-03-27. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-42704 | High | 7.8 | 2022-05-18 | Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. |
CVE-2026-4980 | Medium | 6.3 | 2026-03-27 | A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafte… |
CVE-2012-5656 | Medium | 5.5 | 2013-01-18 | The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity… |
CVE-2021-42702 | Low | 3.3 | 2022-05-18 | Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. |
CVE-2021-42700 | Low | 3.3 | 2022-05-18 | Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. |
CVE-2025-15523 | | 2026-01-22 | MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main a… | |
CVE-2012-6076 | | 2013-03-12 | Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users t… |