Security Advisory

CVE-2026-4980

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 14:50:48

Last updated 2026-04-06 19:48:25

Assigner GitLab

State PUBLISHED

Description

A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags.

← Browse all CVEs View on cve.org ↗