Medium severity6.3NVD Advisory· Published Mar 27, 2026· Updated May 26, 2026
CVE-2026-4980
CVE-2026-4980
Description
A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- gitlab.com/inkscape/inkscape/-/merge_requests/5269nvdIssue TrackingPatch
News mentions
0No linked articles in our index yet.