CVE-2026-45729EPSS p14.7%

CVE-2026-45729CVE-2026-45729

Description

Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run() allows any caller that passes untrusted SVG data to Picture::load() to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5.

Scoring

CVSS 4.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
EPSS0.24% probability of exploitation · percentile 14.7% · 2026-06-18T12:00:27Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-26740
CVE
CVE-2025-25977
CVE
CVE-2025-27796
CVE
CVE-2025-50129
CVE
CVE-2026-48734
CVE
CVE-2025-53510
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.