Public CVE-2021-22771 disclosure

A CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause code execution by opening a malicious project file.