Type Confusion Vulnerability in Qt SVG Affects Multiple Versions
CVE-2026-6210

8.7 HIGH

Key Information:

CVE Published: 6 May 2026

What is CVE-2026-6210?

A type confusion vulnerability in Qt SVG enables attackers to exploit SVG marker references, leading to application crashes. The vulnerability arises when an application retrieves a node by its id attribute and casts it to QSvgMarker* without verifying the node's type. If a non-marker element such as a references itself as a marker, it triggers an out-of-bounds heap read due to inconsistencies between object sizes, essentially causing an endless recursion and bypassing the marker recursion guard. This flaw results in a denial of service, impacting the stability of applications that utilize the affected versions.
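
The type check whose absence is described above, shown as an added example on a simplified model. This is not Qt SVG source code or the vendor's patch: the Node, Shape, Marker and Registry types and all function names are hypothetical, and the recursion guard is assumed to live in the marker object.

```cpp
#include <map>
#include <memory>
#include <string>

// Hypothetical, simplified node model (assumption: not Qt SVG's real classes).
struct Node {
    enum class Type { Shape, Marker };
    virtual ~Node() = default;
    virtual Type type() const = 0;
    std::string markerRef;  // id named by a marker reference, empty if none
};
struct Shape : Node {
    Type type() const override { return Type::Shape; }
};
struct Marker : Node {
    Type type() const override { return Type::Marker; }
    bool rendering = false;  // recursion guard, a field only markers have
};
using Registry = std::map<std::string, std::unique_ptr<Node>>;

// The id comes from the document, so the node it names is treated as a
// Marker only after its type tag is verified. The flawed pattern is the
// same lookup followed by an unconditional static_cast<Marker *>.
Marker *findMarker(const Registry &nodes, const std::string &id) {
    auto it = nodes.find(id);
    if (it == nodes.end() || it->second->type() != Node::Type::Marker)
        return nullptr;
    return static_cast<Marker *>(it->second.get());
}

// Returns how many markers are drawn for `node`, following nested references.
int drawMarkers(const Registry &nodes, const Node &node) {
    Marker *m = findMarker(nodes, node.markerRef);
    if (!m || m->rendering)  // missing id, wrong type, or already being drawn
        return 0;
    m->rendering = true;
    int drawn = 1 + drawMarkers(nodes, *m);
    m->rendering = false;
    return drawn;
}

// Constructed sample: builds a one-node document whose node references itself.
int drawSelfReferencing(bool isMarker) {
    Registry nodes;
    if (isMarker) nodes["n"] = std::make_unique<Marker>();
    else          nodes["n"] = std::make_unique<Shape>();
    nodes["n"]->markerRef = "n";
    return drawMarkers(nodes, *nodes["n"]);
}
```

With the check in place, a self-referencing non-marker node is rejected before any marker-only field is read, and a self-referencing marker is drawn once and then stopped by the guard.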

Affected Version(s)

Qt 6.7.0 < 6.8.8

Qt 6.9.0 < 6.11.1

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
