7 matches found

RedhatCVE
added 2026/03/29 6:00 p.m., 5 views

CVE-2026-4980

A vulnerability was found in Inkscape due to improper handling of XInclude elements in SVG files. The application processes xi:include directives without restricting access to local resources, allowing external file references such as file:// URIs to be included during document processing. An...

CVSS 6.3, AI score 5.7, EPSS 0.00041
Exploits: 1, References: 5

OSV
added 2026/02/18 10:16 a.m., 2 views

CLSA-2026-1771409779 Fix CVE(s): CVE-2025-68618, CVE-2025-69204

SECURITY UPDATE: Malicious SVG file resulted in a DoS attack
- debian/patches/CVE-2025-68618.patch: fix DOS when processing a specially crafted malicious SVG file
- CVE-2025-68618

SECURITY UPDATE: WriteSVGImage function, using an int variable to store numberattributes caused an integer overflow a...

CVSS 7.5, AI score 5.9, EPSS 0.00106
Exploits: 2, References: 1

Positive Technologies
added 2025/12/17 12:00 a.m., 4 views

PT-2025-51981

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A flaw exists in the file upload process within the bookmark and asset rendering pipeline. An attacker can upload a malicious SVG file containing JavaScript code. When an authenticated administrator...

CVSS 8.2, AI score 6.3, EPSS 0.00045
Exploits: 0, References: 5

Packet Storm News
added 2025/09/29 12:00 a.m., 1 views

SVG Security Analysis Toolkit

SVG Security Analysis Toolkit contains specialized Python tools for analyzing potentially malicious SVG files and detecting security mechanisms...

AI score 7
Exploits: 0

Positive Technologies
added 2025/09/17 12:00 a.m., 4 views

PT-2025-38279

Name of the Vulnerable Software and Affected Versions: Frappe Learning versions 2.34.1 and below Description: Frappe Learning does not adequately sanitize content uploaded in the profile bio. This allows for the execution of arbitrary scripts in the context of other users through malicious SVG...

CVSS 4.6, AI score 6.6, EPSS 0.00067
Exploits: 0, References: 5

Positive Technologies
added 2024/10/02 12:00 a.m., 3 views

PT-2024-31859

Name of the Vulnerable Software and Affected Versions: Contao version 5.4.1 Description: The issue allows an authenticated admin account to upload an SVG file containing malicious JavaScript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site...

CVSS 6.4, AI score 6.7, EPSS 0.00343
Exploits: 1, References: 12

OSV
added 2017/04/18 12:00 a.m., 0 views

UBUNTU-CVE-2017-5662

In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a ful...

CVSS 7.3, AI score 7.2, EPSS 0.01431
Exploits: 0, References: 4