A vulnerability, which was classified as critical, was found in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompress_R2004_section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow.

This vulnerability appears as CVE-2026-15520. The attack requires local access. In addition, an exploit is available.

You should upgrade the affected component.