CVE-2026-9605
HighSummary
A flaw has been found in GNU libredwg up to version 0.13.4.8160 affecting the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This issue leads to a heap-based buffer overflow that can be exploited remotely.
Risk Assessment
The potential for a remote attack leading to buffer overflow poses a serious security risk to systems using this library, which could result in data loss or system takeover.
Recommendation
It is recommended to apply the patch named 8f03865f37f5d4ffd616fef802acc980be54d300 to fix this issue.
Original NVD description (English source)
A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. Patch name: 8f03865f37f5d4ffd616fef802acc980be54d300. Applying a patch is the recommended action to fix this issue.

