CVE-2026-9500 | GNU LibreDWG up to 0.14 Dwgread Utility src/decode.c read_2004_compressed_section heap-based overflow (Issue 1241)

A vulnerability marked as critical has been reported in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow.

This vulnerability is identified as CVE-2026-9500. The attack is only possible with local access. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More