Critical severity9.8NVD Advisory· Published Sep 6, 2021· Updated Jun 17, 2026
CVE-2021-40531
CVE-2021-40531
Description
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Sketch/Sketchdescription
Patches
Vulnerability mechanics
References
2- www.sketch.com/updates/nvdPatchRelease NotesVendor Advisory
- jonpalmisc.com/2021/11/22/cve-2021-40531nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.