CVE-2026-1284 HIGH

CVE-2026-1284: Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026

Vendor Dassault Systèmes

Product SOLIDWORKS eDrawings

Weakness CWE-787

Published January 26, 2026

Last update February 26, 2026

View on NVD All CVEs

CVSS base score

7.8/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.

Key dates

02Disclosure timeline

January 26, 2026 CVE published

February 26, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-1284 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/787.html

Related vulnerabilities

Identifiers

CVE CVE-2026-1284

CWE CWE-787

CVSS 7.8 / HIGH

Affected versions

Vendor Dassault Systèmes

Product SOLIDWORKS eDrawings

Affected ≥ Release SOLIDWORKS Desktop 2025 SP0 and ≤ Release SOLIDWORKS Desktop 2025 SP5

Vendor Dassault Systèmes

Product SOLIDWORKS eDrawings

Affected Release SOLIDWORKS Desktop 2026 SP0

CVE-2026-1284: Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026

01Description

02Disclosure timeline

03References

04Related CVE