CVE-2026-9503

🗓️ 25 May 2026 21:00:16Reported by VulDBType

GNU LibreDWG up to 0.14 has a dwg next entity null pointer dereference flaw; local exploit released; upgrade advised.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-9503	25 May 202621:00	–	attackerkb
CNNVD	GNU LibreDWG 代码问题漏洞	25 May 202600:00	–	cnnvd
Cvelist	CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference	25 May 202621:00	–	cvelist
EUVD	EUVD-2026-31741	25 May 202621:00	–	euvd
NVD	CVE-2026-9503	25 May 202621:16	–	nvd
OPENSUSE Linux	libredwg-devel-0.13.4.8200-1.1 on GA media (moderate)	29 May 202600:00	–	opensuse
OSV	OPENSUSE-SU-2026:10879-1 libredwg-devel-0.13.4.8200-1.1 on GA media	28 May 202600:00	–	osv
Positive Technologies	PT-2026-43131	22 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-9503	5 Jun 202619:48	–	redhatcve
SUSE CVE	SUSE CVE-2026-9503	27 May 202612:59	–	susecve

Vulners

Node

gnu libredwgMatch0.1

gnu libredwgMatch0.2

gnu libredwgMatch0.3

gnu libredwgMatch0.4

gnu libredwgMatch0.5

gnu libredwgMatch0.6

gnu libredwgMatch0.7

gnu libredwgMatch0.8

gnu libredwgMatch0.9

gnu libredwgMatch0.10

gnu libredwgMatch0.11

gnu libredwgMatch0.12

gnu libredwgMatch0.13

gnu libredwgMatch0.14

[
  {
    "vendor": "GNU",
    "product": "LibreDWG",
    "versions": [
      {
        "version": "0.1",
        "status": "affected"
      },
      {
        "version": "0.2",
        "status": "affected"
      },
      {
        "version": "0.3",
        "status": "affected"
      },
      {
        "version": "0.4",
        "status": "affected"
      },
      {
        "version": "0.5",
        "status": "affected"
      },
      {
        "version": "0.6",
        "status": "affected"
      },
      {
        "version": "0.7",
        "status": "affected"
      },
      {
        "version": "0.8",
        "status": "affected"
      },
      {
        "version": "0.9",
        "status": "affected"
      },
      {
        "version": "0.10",
        "status": "affected"
      },
      {
        "version": "0.11",
        "status": "affected"
      },
      {
        "version": "0.12",
        "status": "affected"
      },
      {
        "version": "0.13",
        "status": "affected"
      },
      {
        "version": "0.14",
        "status": "affected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:gnu:libredwg:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "DWG File Handler"
    ]
  }
]

Source	Link
github	www.github.com/LibreDWG/libredwg/issues/1245
github	www.github.com/HackC0der/CVE-Repos/blob/main/libredwg/libredwg_6d6a339_heap_oob_write_read_2004_compressed_section.dwg
vuldb	www.vuldb.com/submit/814260
vuldb	www.vuldb.com/vuln/365485/cti
github	www.github.com/LibreDWG/libredwg/commit/8f03865f37f5d4ffd616fef802acc980be54d300
gnu	www.gnu.org/
vuldb	www.vuldb.com/vuln/365485

17 Jun 2026 11:05Current

5.4Medium risk

Vulners AI Score5.4

CVSS 21.7

CVSS 3.13.3

CVSS 44.8

CVSS 33.3

EPSS0.00143

SSVC