fonttools — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in fonttools, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-66034	fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib CWE-91	6.3	Medium	2025-11-29
CVE-2023-45139	fonttools XML External Entity Injection (XXE) Vulnerability CWE-611	7.5	High	2024-01-10

All 2 known CVE vulnerabilities affecting fonttools with full Chinese analysis, references, and POCs where available.