Local Data Validation Flaw in NX PDF Export Arbitrary Code Exec
CVE-2026-22923 Published on February 10, 2026
A vulnerability has been identified in NX (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potentially lead to arbitrary code execution.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2026-22923 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2026-22923
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-22923 are published in Siemens Nx:
Affected Versions
Siemens NX:- Before V2512 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.