Is Solidworks Desktop affected by CVE-2026-3476?

A high-severity code injection vulnerability in SOLIDWORKS Desktop (versions 2025-2026) could allow attackers to execute arbitrary code on affected systems through maliciously crafted files, potentially compromising sensitive CAD designs, intellectual property, and system integrity.

CVE-2026-3476

EUVD-2026-12419 HIGH

2026-03-16 3DS

7.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 12:00 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 12:00 euvd

EUVD-2026-12419

CVE Published

Mar 16, 2026 - 11:48 nvd

HIGH 7.8

Description

A Code Injection vulnerability affecting in SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file.

Analysis

A code injection vulnerability in SOLIDWORKS Desktop releases 2025 through 2026 allows attackers to execute arbitrary code on victim machines by tricking users into opening specially crafted files. The vulnerability requires local access and user interaction but provides complete system compromise with high impact to confidentiality, integrity, and availability (CVSS 7.8). …

Remediation

Within 24 hours: Inventory all SOLIDWORKS Desktop installations across the organization and identify users in versions 2025-2026; communicate the vulnerability to affected teams and restrict file sharing from untrusted sources. Within 7 days: Implement network segmentation to isolate SOLIDWORKS workstations, disable potentially dangerous file import features if operationally feasible, and establish a user awareness campaign warning against opening unexpected CAD files from external parties. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: 0

CVE-2026-3476 vulnerability details – vuln.today

Back

CVE-2026-3476

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-3476

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code