A vulnerability marked as critical has been reported in GNU LibreDWG up to 0.14 . The affected element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgread Utility . Performing a manipulation results in heap-based buffer overflow. This vulnerability is identified as CVE-2026-9500 . The attack is only possible with local access. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet