CVE-2026-9529

EUVD-2026-31788
A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been released to the public and may be used for attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
VulDBCNA
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
gnulibredwg
0.1
CNA
gnulibredwg
0.2
CNA
gnulibredwg
0.3
CNA
gnulibredwg
0.4
CNA
gnulibredwg
0.5
CNA
gnulibredwg
0.6
CNA
gnulibredwg
0.7
CNA
gnulibredwg
0.8
CNA
gnulibredwg
0.9
CNA
gnulibredwg
0.10
CNA
gnulibredwg
0.11
CNA
gnulibredwg
0.12
CNA
gnulibredwg
0.13
CNA
gnulibredwg
0.14
CNA