LibreDWG: Malicious DWG files can crash the software

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

LibreDWG: Malicious DWG files can crash the software

CVE-2025-61154

Summary

LibreDWG versions 0.13.3.7571 through 0.13.3.7835 contain a vulnerability where a specially crafted DWG file can cause the software to crash. This is a security issue because it could bring down the entire application, making it unavailable for use. Update to the latest version to fix this issue.

Original title

Heap buffer overflow vulnerability in LibreDWG versions v0.13.3.7571 up to v0.13.3.7835 allows a crafted DWG file to cause a Denial of Service (DoS) via the function decompress_R2004_section at dec...

Original description

https://davizin.com/cves/CVE-2025-61154.html
https://github.com/LibreDWG/libredwg/issues/1180

Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026