Trimble Sketchup
8 CVEs affecting Trimble Sketchup. Latest disclosed: 2026-05-22. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-9264 | Critical | 9.3 | 2026-05-22 | A cross-site scripting (XSS) vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through malic… |
CVE-2025-15062 | High | 7.8 | 2026-01-23 | Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a… |
CVE-2025-2024 | High | 7.8 | 2025-03-07 | Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary c… |
CVE-2024-7510 | High | 7.8 | 2024-11-22 | Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a… |
CVE-2024-7509 | High | 7.8 | 2024-11-22 | Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitr… |
CVE-2024-9712 | High | 7.8 | 2024-11-22 | Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a… |
CVE-2013-7388 | | 2014-07-01 | Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbi… | |
CVE-2013-3664 | | 2014-07-01 | Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MA… |