Inkscape · Inkscape · CVE-2026-4980
**Name of the Vulnerable Software and Affected Versions**
Inkscape versions 1.1 through 1.2
**Description**
A local file disclosure issue exists in the XInclude processing component. A remote attacker can read local files by using a specially crafted SVG file that contains malicious `xi:include` tags.
**Recommendations**
Update to version 1.3.