A vulnerability classified as problematic was found in Grav CMS up to 1.7.x . This impacts an unknown function of the component SVG File Handler . Such manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2026-29924 . The attack can be launched remotely. No exploit exists.