Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

The Qt Company — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting The Qt Company. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The Qt Company develops the Qt framework, a cross-platform C++ toolkit for building desktop, embedded, and mobile applications. Historically, its vulnerabilities frequently include remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure parsing of untrusted input or improper memory handling. While no major public security incidents have been widely documented, the 14 CVEs on record highlight potential risks in components like WebEngine and multimedia modules. The framework's broad deployment in critical systems makes security updates essential, though the company maintains a moderate vulnerability disclosure cadence compared to larger software vendors.

Top products by The Qt Company: Qt Qt for Android
CVE IDTitleCVSSSeverityPublished
CVE-2026-6210 Type confusion and heap-buffer-overflow in Qt SVG marker handling causing application crash — QtCWE-843 6.5AIMediumAI2026-05-06
CVE-2025-14576 Possible QML code injection in VectorImage component — QtCWE-94 7.8 -2026-04-30
CVE-2025-12385 Improper validation of <img> tag size in Text component parser — QtCWE-770 7.5AIHighAI2025-12-03
CVE-2025-6338 Possible denial of service with multiple incoming connections to a Schannel based server with a TLS backend — QtCWE-459 7.5AIHighAI2025-10-16
CVE-2025-10729 Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG — QtCWE-416 9.8AICriticalAI2025-10-03
CVE-2025-10728 Uncontrolled recursion in Qt SVG module — QtCWE-674 6.2AIMediumAI2025-10-03
CVE-2025-5992 Passing values outside of expected range to QColorTransferGenericFunction can cause a denial of service — QtCWE-20 7.5AIHighAI2025-07-11
CVE-2025-5991 Use after free in QHttp2ProtocolHandler — QtCWE-416 8.1AIHighAI2025-06-11
CVE-2025-5683 Qt 安全漏洞 — Qt 6.5AIMediumAI2025-06-05
CVE-2025-5455 Possible denial of service when passing malformed data in a URL to qDecodeDataUrl — QtCWE-20 6.5 -2025-06-02
CVE-2025-4211 Improper Link Resolution Before File Access in QFileSystemEngine on Windows — QtCWE-59 8.4AIHighAI2025-05-16
CVE-2025-3512 Buffer overflow in QTextMarkdownImporter — QtCWE-122 9.1AICriticalAI2025-04-11
CVE-2017-10904 Digia Qt for Android 操作系统命令注入漏洞 — Qt for Android 9.8 -2017-12-15
CVE-2017-10905 Digia Qt for Android 安全漏洞 — Qt for Android 7.3 -2017-12-15

This page lists every published CVE security advisory associated with The Qt Company. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.