Google Web Designer allows malicious files to be written to your computer

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.4

Google Web Designer allows malicious files to be written to your computer

CVE-2026-3223

Summary

Google Web Designer, a tool for creating web pages, has a security flaw that lets hackers write files to your computer without your permission. This could allow them to gain control of your system or steal sensitive information. Update Google Web Designer to the latest version to fix this issue.

Original title

Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.

Original description

Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer.

nvd CVSS4.0 8.4

Vulnerability type

CWE-22 Path Traversal

https://bughunters.google.com/reports/vrp/FJMQGy8oo

Published: 27 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026