CVE-2021-40531

CVE-2021-40531 is a critical-severity vulnerability in Sketch with a CVSS 3.x base score of 9.8. Its EPSS exploit-prediction score of 33% places it in the 98th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-434.

Key facts

Description

Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.

Frequently asked questions

What is CVE-2021-40531?
Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app.
How severe is CVE-2021-40531?
CVE-2021-40531 has a CVSS 3.x base score of 9.8, rated critical severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability high.
Is CVE-2021-40531 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 33% (98th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2021-40531?
CVE-2021-40531 affects Sketch. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2021-40531?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
When was CVE-2021-40531 published?
CVE-2021-40531 was published on 2021-09-06 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Sketch

All CVEs affecting Sketch →

Other CWE-434 (Unrestricted Upload of File with Dangerous Type) vulnerabilities

Browse all CWE-434 (Unrestricted Upload of File with Dangerous Type) vulnerabilities →