PT-2026-56791 · Gnu · Libredwg
Ech06
·
Published
2026-07-09
·
Updated
2026-07-09
·
CVE-2026-15182
CVSS v3.1
5.3
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
GNU LibreDWG versions prior to 0.14
Description
A heap-based buffer overflow occurs in the BMP Image Handler component within the
dwg bmp() function located in the src/dwg.c file. This issue requires local access to be exploited.Recommendations
Update to version 0.14.
As a temporary mitigation, restrict the use of the
dwg bmp() function.Exploit
Fix
Buffer Overflow
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Libredwg