CVE-2025-7260

Name of the Vulnerable Software and Affected Versions: IrfanView CADImage Plugin (affected versions not specified)

Description: The vulnerability resides within the DWG File Parser component of the CADImage plugin for IrfanView, a graphics, video, and audio file viewer and player. The issue is an out-of-bounds write in memory. Successful exploitation could allow an attacker to execute arbitrary code within the context of the current process.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.