ZDI-CAN-28905 HIGH 7.8 Upcoming Feb 06, 2026

Krita

Krita is a free, open-source digital painting and illustration software commonly used by artists and designers. This high-severity vulnerability requires local access and user interaction to execute, but once exploited grants an attacker high-impact capabilities including confidentiality breach, unauthorized modifications, and system availability disruption. Security teams should monitor for this advisory's public disclosure around June 2026 and prioritize patching Krita installations in environments where untrusted files might be opened by users.

Advisory Details
Researcher Anonymous
Reported February 06, 2026
Deadline June 06, 2026 51d
CVSS Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Potential Privilege Escalation

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy