CVE-2026-44411 | THREATINT

Description

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

PUBLISHED Reserved 2026-05-06 | Published 2026-05-12 | Updated 2026-05-12 | Assigner siemens

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 7.3CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-824: Access of Uninitialized Pointer

Product status

Default status

unknown

Any version before V226.0 Update 5

affected

References

cert-portal.siemens.com/productcert/html/ssa-921111.html

cve.org (CVE-2026-44411)

nvd.nist.gov (CVE-2026-44411)

Download JSON