CVE-2026-9504 | GNU LibreDWG up to 0.14 Dwggrep Utility programs/dwggrep.c bit_convert_TU out-of-bounds (Issue 1246)

Inserito da Angelo Barbosa | Mag 25, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read.

This vulnerability is registered as CVE-2026-9504. The attack needs to be launched locally. Furthermore, an exploit is available.

Applying a patch is the recommended action to fix this issue.

CVE-2026-9504 | GNU LibreDWG up to 0.14 Dwggrep Utility programs/dwggrep.c bit_convert_TU out-of-bounds (Issue 1246)

Post correlati

CVE-2025-26574 | Moch Amir Google Drive WP Media Plugin up to 2.4.4 on WordPress cross site scripting

CVE-2026-8485 | Progress MOVEit Automation up to 2025.0.10/2025.1.6 memory allocation

CVE-2024-37521 | zwwooooo zBench Plugin up to 1.4.2 on WordPress cross site scripting

CVE-2024-2586 | Amssplus AMSS++ 4.31 /amssplus/index.php username sql injection