CVE-2026-1333

HIGH

SOLIDWORKS Desktop <2026 - Code Injection

Title source: llm

Description

A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.

References (1)

[Various Sources] https://www.3ds.com/trust-center/security/security-advisories/cve-2026-1333

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 3.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-457

Status published

Affected Products (8)

3ds/solidworks_edrawings

Timeline

Published Feb 16, 2026

Tracked Since Feb 18, 2026