GNU Libredwg
By the Year
In 2026 there have been 8 vulnerabilities in GNU Libredwg with an average score of 4.3 out of ten. Libredwg did not have any published security vulnerabilities last year. That is, 8 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 8 | 4.30 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 7.50 |
| 2023 | 5 | 8.80 |
| 2022 | 13 | 7.98 |
| 2021 | 33 | 8.14 |
| 2020 | 15 | 6.50 |
| 2019 | 13 | 0.00 |
| 2018 | 3 | 0.00 |
It may take a day or so for new Libredwg vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent GNU Libredwg Security Vulnerabilities
Heap Buffer Overflow in GNU libredwg 0.13.4.8160 (Dwgbmp Utility)
CVE-2026-9605
7.3 - High
- May 26, 2026
A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bit_read_RC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. Patch name: 8f03865f37f5d4ffd616fef802acc980be54d300. Applying a patch is the recommended action to fix this issue.
Heap-based Buffer Overflow
OOB Read in GNU LibreDWG (pre-0.14) Dwgbmp Utility
CVE-2026-9530
3.3 - Low
- May 26, 2026
A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8f03865f37f5d4ffd616fef802acc980be54d300. It is advisable to implement a patch to correct this issue.
Out-of-bounds Read
Local Null Dereference in LibreDWG<0.14 match_BLOCK_HEADER (Dwggrep)
CVE-2026-9529
3.3 - Low
- May 26, 2026
A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been released to the public and may be used for attacks.
NULL Pointer Dereference
LibreDWG <=0.14 OOBR in Dwggrep::bit_convert_TU
CVE-2026-9504
3.3 - Low
- May 25, 2026
A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: be996bf2178a40e98720f18c2414815d244413db. Applying a patch is the recommended action to fix this issue.
Out-of-bounds Read
LibreDWG 0.14 Null Deref in dwg_next_entity (Local)
CVE-2026-9503
3.3 - Low
- May 25, 2026
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is identified as 8f03865f37f5d4ffd616fef802acc980be54d300. Upgrading the affected component is advised.
NULL Pointer Dereference
Heap Buffer Overflow in GNU LibreDWG Dwgread <=0.14
CVE-2026-9502
5.3 - Medium
- May 25, 2026
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. To fix this issue, it is recommended to deploy a patch.
Heap-based Buffer Overflow
LibreDWG <=0.14 DEP Assertion via decompress_R2004_section Local Only
CVE-2026-9501
3.3 - Low
- May 25, 2026
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called e501cb9926c1e9a07a0d1cc997f3e69e9be801c9. A patch should be applied to remediate this issue.
assertion failure
LibreDWG<=0.14: heap-based buffer overflow in read_2004_compressed_section
CVE-2026-9500
5.3 - Medium
- May 25, 2026
A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Heap-based Buffer Overflow
libredwg <0.12.5.6384 DoS via out-of-bounds read in decode_r2007.c
CVE-2023-26157
7.5 - High
- January 02, 2024
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
Out-of-bounds Read
LibreDWG 0.11-0.12.5 Heap Buffer Overflow via bit_write_TF
CVE-2023-36274
8.8 - High
- June 23, 2023
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
Memory Corruption
LibreDWG v0.12.5 Heap Buffer Overflow in bit_calc_CRC
CVE-2023-36273
8.8 - High
- June 23, 2023
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
Memory Corruption
LibreDWG v0.10-0.12.5 Heap Buffer Overflow in bit_utf8_to_TU
CVE-2023-36272
8.8 - High
- June 23, 2023
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.
Memory Corruption
LibreDWG 0.10-0.12.5 Heap Buffer Overflow in bit_wcs2nlen (bits.c)
CVE-2023-36271
8.8 - High
- June 23, 2023
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
Memory Corruption
Heap Overflow in GNU LibreDWG 0.12.5 (bit_read_RC)
CVE-2023-25222
8.8 - High
- March 01, 2023
A heap-based buffer overflow vulnerability exists in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c.
Memory Corruption
Heap Buffer Overflow in LibreDWG v0.12.4.4643 decode_preR13_section_hdr
CVE-2022-45332
7.8 - High
- November 30, 2022
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
Memory Corruption
LibreDWG 0.12.4 Heap UAF via bit_copy_chain
CVE-2022-35164
9.8 - Critical
- August 18, 2022
LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain.
Dangling pointer
There is an Assertion `int decode_preR13_entities(BITCODE_RL
CVE-2022-33024
7.5 - High
- June 23, 2022
There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, BITCODE_RL, Bit_Chain *, Dwg_Data *' failed at dwg2dxf: decode.c:5801 in libredwg v0.12.4.4608.
assertion failure
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free
CVE-2022-33025
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13_section at decode_r11.c.
Dangling pointer
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow
CVE-2022-33026
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
Memory Corruption
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free
CVE-2022-33027
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handleref at dwg.c.
Dangling pointer
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow
CVE-2022-33028
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
Memory Corruption
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow
CVE-2022-33032
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
Memory Corruption
LibreDWG v0.12.4.4608 was discovered to contain a double-free
CVE-2022-33033
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.c.
Double-free
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow
CVE-2022-33034
7.8 - High
- June 23, 2022
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
Memory Corruption
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4
CVE-2021-42585
8.8 - High
- May 23, 2022
A heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
Memory Corruption
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4
CVE-2021-42586
8.8 - High
- May 23, 2022
A heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.
Memory Corruption
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called
CVE-2021-45950
6.5 - Medium
- January 01, 2022
LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in dwg_free_BLOCK_private (called from dwg_free_BLOCK and dwg_free_object).
Memory Corruption
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference
CVE-2021-28236
7.5 - High
- December 02, 2021
LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference via out_dxfb.c.
NULL Pointer Dereference
LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow
CVE-2021-28237
9.8 - Critical
- December 02, 2021
LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.
Memory Corruption
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39521
6.5 - Medium
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function bit_read_BB() located in bits.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39530
8.8 - High
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2nlen() in bits.c has a heap-based buffer overflow.
Memory Corruption
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39528
8.8 - High
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. dwg_free_MATERIAL_private() in dwg.spec has a double free.
Double-free
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39527
8.8 - High
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. appinfo_private() in decode.c has a heap-based buffer overflow.
Memory Corruption
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39525
8.8 - High
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. bit_read_fixed() in bits.c has a heap-based buffer overflow.
Memory Corruption
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39523
6.5 - Medium
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. A NULL pointer dereference exists in the function check_POLYLINE_handles() located in decode.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in libredwg through v0.10.1.3751
CVE-2021-39522
8.8 - High
- September 20, 2021
An issue was discovered in libredwg through v0.10.1.3751. bit_wcs2len() in bits.c has a heap-based buffer overflow.
Memory Corruption
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called
CVE-2021-36080
8.8 - High
- July 01, 2021
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_chain_free (called from dwg_encode_MTEXT and dwg_encode_add_object).
Double-free
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1
CVE-2020-23861
5.5 - Medium
- May 18, 2021
A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 via the read_system_page function at libredwg-0.10.1/src/decode_r2007.c:666:5, which causes a denial of service by submitting a dwg file.
Memory Corruption
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap
CVE-2020-21844
8.8 - High
- May 17, 2021
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580.
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles
CVE-2020-21831
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_RC
CVE-2020-21843
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory
CVE-2020-21842
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.
Memory Corruption
A null pointer dereference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section
CVE-2020-21835
6.5 - Medium
- May 17, 2021
A null pointer dereference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337.
NULL Pointer Dereference
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_B
CVE-2020-21841
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_search_sentinel
CVE-2020-21840
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985.
Memory Corruption
An issue was discovered in GNU LibreDWG 0.10
CVE-2020-21839
6.5 - Medium
- May 17, 2021
An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to a memory leak in dwg_decode_eed ../../src/decode.c:3638.
Memory Leak
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_appinfo
CVE-2020-21838
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_calc_CRC
CVE-2020-21830
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section
CVE-2020-21832
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417.
Memory Corruption
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_classes
CVE-2020-21833
8.8 - High
- May 17, 2021
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440.
Memory Corruption