CVE-2026-9504
EUVD-2026-3174525.05.2026, 22:16
A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: be996bf2178a40e98720f18c2414815d244413db. Applying a patch is the recommended action to fix this issue.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| gnu | libredwg | 0.1 | CNA |
| gnu | libredwg | 0.2 | CNA |
| gnu | libredwg | 0.3 | CNA |
| gnu | libredwg | 0.4 | CNA |
| gnu | libredwg | 0.5 | CNA |
| gnu | libredwg | 0.6 | CNA |
| gnu | libredwg | 0.7 | CNA |
| gnu | libredwg | 0.8 | CNA |
| gnu | libredwg | 0.9 | CNA |
| gnu | libredwg | 0.10 | CNA |
| gnu | libredwg | 0.11 | CNA |
| gnu | libredwg | 0.12 | CNA |
| gnu | libredwg | 0.13 | CNA |
| gnu | libredwg | 0.14 | CNA |
Common Weakness Enumeration
References