CVE-2026-1333

HIGH

SOLIDWORKS Desktop <2026 - Code Injection

Title source: llm

Description

A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.

References (1)

[Various Sources] https://www.3ds.com/trust-center/security/security-advisories/cve-2026-1333

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 5.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-457

Status published

Products (2)

3ds/solidworks_edrawings 2025 (6 CPE variants)

3ds/solidworks_edrawings 2026 (2 CPE variants)

Published Feb 16, 2026

Tracked Since Feb 18, 2026