PT-2025-28677 · Irfanview · Irfanview+1

Rocco Calvi +1 · Published 2025-02-11 · Updated 2025-07-28 · CVE-2025-7246

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

IrfanView CADImage Plugin (affected versions not specified)

Description

This issue is a memory corruption vulnerability in the DWG file parsing functionality of the IrfanView CADImage Plugin. Successful exploitation allows remote attackers to execute arbitrary code in the context of the current process. User interaction is required: the target must visit a malicious page or open a malicious file. The root cause is inadequate validation of user-supplied data during DWG file parsing, which leads to a memory corruption condition.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-08344
CVE-2025-7246
ZDI-25-498

Affected Products

Cadimage Plugin
Irfanview