An unauthenticated local attacker may trick a user to open corrupted project files to crash the system due to use after free vulnerability.