Sketch

sketch

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Sketch

sketch

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-40531 1Sketch 1Sketch Jun 17, 2026 Sep 6, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as de...Show more Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.Show less
CVE-2002-2047 1Sketch 1Sketch Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 10.0 HIGH· v2 The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-40531

1Sketch

Jun 17, 2026

Sep 6, 2021

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as de...Show more

CVE-2002-2047

1Sketch

Apr 16, 2026

Dec 31, 2002

N/A· v4

N/A· v3

10.0 HIGH· v2

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.