CVE-2026-15184
Deferred Deferred - Pending Action

Null Pointer Dereference in GNU LibreDWG

Vulnerability report for CVE-2026-15184, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: VulDB

Description

A vulnerability was found in GNU LibreDWG up to 0.13.4. The impacted element is the function dwg_next_entity of the file src/dwg.c of the component DWG File Handler. Performing a manipulation of the argument next_obj results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used. Upgrading to version 0.14 is sufficient to resolve this issue. The patch is named dde45dac3c4d902e4d8fed150a8017b9732019c9. Upgrading the affected component is recommended. Different than CVE-2026-9503.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
gnu libredwg to 0.13.4 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the GNU LibreDWG library up to version 0.13.4, specifically in the function dwg_next_entity within the file src/dwg.c. It is caused by a null pointer dereference when the argument next_obj is manipulated improperly. This means that the function attempts to access memory through a pointer that is NULL, leading to a crash or segmentation fault. The vulnerability can be triggered locally by processing a specially crafted DWG file, causing the program to crash due to invalid memory access.

The issue was fixed by adding a NULL check for next_obj before it is used, preventing the null pointer dereference. Upgrading to LibreDWG version 0.14 or later resolves this vulnerability.

Impact Analysis

This vulnerability can cause the affected software to crash due to a null pointer dereference when processing a maliciously crafted DWG file. The impact is limited to availability, as the crash results in a denial of service condition.

  • An attacker with local access can trigger the crash by supplying a malformed DWG file.
  • There is no impact on confidentiality or integrity according to the CVSS scores.

Overall, the vulnerability can disrupt normal operations of applications using the vulnerable LibreDWG library, potentially causing downtime or interruption of service.

Detection Guidance

This vulnerability manifests as a NULL pointer dereference in the dwg_next_entity function when processing malformed DWG files, causing a segmentation fault (SEGV). Detection involves monitoring for crashes or segmentation faults in applications using the LibreDWG library, especially when handling DWG files.

One practical approach is to test the system with a crafted DWG file that triggers the vulnerability, such as the proof-of-concept file available in public repositories.

For example, using the dwggrep tool from LibreDWG with a malicious DWG file can reproduce the crash:

  • dwggrep <crafted-malicious-file.dwg>

Additionally, running the LibreDWG library or tools under debugging or sanitizing tools like AddressSanitizer can help detect the NULL pointer dereference during DWG entity traversal.

Mitigation Strategies

The recommended immediate mitigation is to upgrade the LibreDWG library to version 0.14 or later, where the vulnerability has been fixed by adding proper NULL pointer checks in the dwg_next_entity function.

Avoid processing untrusted or malformed DWG files with vulnerable versions of the library to reduce the risk of exploitation.

Applying the patch identified by commit dde45dac3c4d902e4d8fed150a8017b9732019c9 also resolves the issue if upgrading is not immediately possible.

Compliance Impact

The vulnerability in GNU LibreDWG involves a NULL pointer dereference that can cause a local crash but does not impact confidentiality, integrity, or data availability beyond causing a denial of service locally.

Given the CVSS scores indicate no impact on confidentiality or integrity and only a low impact on availability, there is no direct indication that this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA, which primarily focus on protecting personal data confidentiality and integrity.

Therefore, this vulnerability is unlikely to have a significant effect on compliance with these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15184. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart