PT-2026-43125 · Gnu · Libredwg
Pwn3Rd · Published 2026-04-22 · Updated 2026-05-25
CVE-2026-9500
CVSS v3.1: 5.3 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions
GNU LibreDWG versions prior to 0.14
Description
A heap-based buffer overflow occurs in the read_2004_compressed_section() function within the src/decode.c file of the Dwgread Utility component. This issue can be triggered through local access and may lead to a denial of service.
Recommendations
Update to version 0.14 or later.
As a temporary workaround, restrict local access to the Dwgread Utility component to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Heap Based Buffer Overflow
Affected Products
Libredwg