CVE-2026-9530 GNU LibreDWG Dwgbmp Utility decode.c read_2004_compressed_section out-of-bounds

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read2004compressedsection of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made...

CVE-2026-9530

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read2004compressedsection of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made...

CVE-2026-9529 GNU LibreDWG Dwggrep Utility dwggrep.c match_BLOCK_HEADER null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

CVE-2026-9529

Technical details about CVE-2026-9529 (affected software, vulnerable component, impact, fixes) are not publicly provided in the supplied documents. Monitor for updates from official advisories.

CVE-2026-9529

A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function matchBLOCKHEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been...

Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

ALSA-2026:20587 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

PT-2026-43431

Name of the Vulnerable Software and Affected Versions GNU libredwg versions prior to 0.13.4.8161 Description A heap-based buffer overflow occurs in the Dwgbmp Utility component within the bit read RC function of the bits.c file. This flaw allows a remote attacker to trigger the overflow through...

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

CVE-2026-9502

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

CVE-2026-9501

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVE-2026-9500

A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...

CVE-2026-9504 GNU LibreDWG Dwggrep Utility dwggrep.c bit_convert_TU out-of-bounds

A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bitconvertTU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public...

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

CVE-2026-9502

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

CVE-2026-9502

Summary: CVE-2026-9502 affects GNU LibreDWG’s Dwgread Utility (up to 0.14). The issue is in decompress_R2004_section (src/decode.c), causing a heap-based buffer overflow. The attack is local and there is a publicly available exploit. A patch is identified by commit/id e501cb9926c1e9a07a0d1cc997f3...

CVE-2026-9501

CVE-2026-9501 affects GNU LibreDWG up to 0.14, specifically the Dwgread Utility’s src/decode.c decompress_R2004_section function. The vulnerability can cause a reachable assertion under local execution due to manipulation of input data. Exploitation status in the provided docs is not detailed bey...

CVE-2026-9501

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVE-2026-9500

A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...