CVE-2026-9605

Published: Mag 27, 2026 Last Modified: Mag 27, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH 7,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low
HIGH 7,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial

Description

AI Translation Available

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. Patch name: 8f03865f37f5d4ffd616fef802acc980be54d300. Applying a patch is the recommended action to fix this issue.

119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Stable
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands Modify Memory Read Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory)
Applicable Platforms
Languages: Memory-Unsafe, C, C++, Assembly
Likelihood of Exploit: High
View CWE Details
122

Heap-based Buffer Overflow

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality Access Control Other
Potential Impacts:
Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Modify Memory Other
Applicable Platforms
Languages: Memory-Unsafe, C, C++
Likelihood of Exploit: High
View CWE Details
https://github.com/HackC0der/CVE-Repos/blob/main/libredwg/l…
https://github.com/HackC0der/CVE-Repos/blob/main/libredwg/libredwg_6d6a339_heap…
https://github.com/LibreDWG/libredwg/commit/8f03865f37f5d4f…
https://github.com/LibreDWG/libredwg/commit/8f03865f37f5d4ffd616fef802acc980be5…
https://github.com/LibreDWG/libredwg/issues/1248
https://github.com/LibreDWG/libredwg/issues/1248
https://vuldb.com/submit/818197
https://vuldb.com/submit/818197
https://vuldb.com/vuln/365678
https://vuldb.com/vuln/365678
https://vuldb.com/vuln/365678/cti
https://vuldb.com/vuln/365678/cti
https://www.gnu.org/
https://www.gnu.org/