{"id":"CVE-2026-45729","summary":"ThorVG: Null pointer dereference in SVG loader causes crash via 6-byte malformed input","details":"Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine. Prior to version 1.0.5, a null pointer dereference in SvgLoader::run() allows any caller that passes untrusted SVG data to Picture::load() to crash the process with a 6-byte payload. This issue has been patched in version 1.0.5.","aliases":["GHSA-f863-8ghq-7h64"],"modified":"2026-07-15T01:49:13.342907770Z","published":"2026-06-01T17:18:36.254Z","database_specific":{"cwe_ids":["CWE-476"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45729.json","cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://github.com/thorvg/thorvg/releases/tag/v1.0.5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45729.json"},{"type":"ADVISORY","url":"https://github.com/thorvg/thorvg/security/advisories/GHSA-f863-8ghq-7h64"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45729"},{"type":"FIX","url":"https://github.com/thorvg/thorvg/commit/159f44fd5e3d2eea1b3a70689a894e657e2bb079"},{"type":"FIX","url":"https://github.com/thorvg/thorvg/pull/4387"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/thorvg/thorvg","events":[{"introduced":"0"},{"fixed":"159f44fd5e3d2eea1b3a70689a894e657e2bb079"},{"fixed":"32a9dd9bf239adebad84da5cd08f51a15e29daaa"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"1.0.5"}],"source":["AFFECTED_FIELD","REFERENCES"]}}],"versions":["v1.0.4","v1.0.3","v1.0.2","v1.0.1","v1.0.0","v1.0-pre34","v1.0-pre32","v1.0-pre31","v1.0-pre30","v1.0-pre29","v1.0-pre28","v1.0-pre27","v1.0-pre26","v1.0-pre25","v1.0-pre24","v1.0-pre23","v1.0-pre22","v1.0-pre21","v1.0-pre20","v1.0-pre19","v1.0-pre18","v1.0-pre17","v1.0-pre16","v1.0-pre15","v1.0-pre14","v1.0-pre13","v1.0-pre12","v1.0-pre11","v1.0-pre9","v1.0-pre7","v1.0-pre6","v1.0-pre1","v0.11.0","v0.5.0","v0.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45729.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}]}