PT-2026-56793 · Gnu · Libredwg
Ech06
·
Published
2026-07-09
·
Updated
2026-07-09
·
CVE-2026-15184
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
GNU LibreDWG versions prior to 0.14
Description
A null pointer dereference occurs in the DWG File Handler component when the
next obj argument is manipulated within the dwg next entity() function located in the src/dwg.c file. This issue requires the attack to be initiated from a local position.Recommendations
Update GNU LibreDWG to version 0.14.
Exploit
Fix
NULL Pointer Dereference
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Libredwg