HIGHCVE-2026-3476Published Modified CNA 3DS
CVE-2026-3476: Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026
A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Dassault Systèmes / SOLIDWORKS Desktop≤ Release 2025 SP5 · Release 2026 SP0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences