Which versions of Solid Edge SE2026 are affected by EUVD-2026-29436?

Siemens Solid Edge SE2026 contains a stack-based buffer overflow vulnerability (CVE-2026-44412, CVSS 7.3) that allows arbitrary code execution when users open malicious PAR files, posing significant…

Solid Edge SE2026 EUVD-2026-29436

Q: What is the CVSS score of EUVD-2026-29436?

EUVD-2026-29436 has a CVSS 4.0 base score of 7.3 (High). CVSS vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

Q: How to fix or mitigate EUVD-2026-29436?

Within 24 hours: Inventory all Siemens Solid Edge SE2026 installations and identify versions prior to V226.0 Update 5; notify affected engineering and manufacturing teams to avoid opening PAR files from untrusted sources. Within 7 days: Implement email filtering to block or quarantine PAR file attachments from external senders; configure file execution policies to restrict PAR file operations where operationally feasible; establish a reporting mechanism for suspicious file requests. Within 30 days: Monitor Siemens security advisories for patch availability (target: V226.0 Update 5 or later); evaluate sandboxing solutions for CAD file preview; conduct targeted security awareness training for engineering staff on social engineering tactics involving file sharing.

| CVE-2026-44412 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-05-12 siemens

GHSA-38hh-m295-69vh

Buffer Overflow Stack Overflow

7.3

CVSS 4.0

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Updated

May 12, 2026 - 10:30 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 12, 2026 - 10:22 vuln.today

cvss_changed

CVSS changed

May 12, 2026 - 10:22 NVD

7.8 (HIGH) 7.3 (HIGH)

Analysis Generated

May 12, 2026 - 10:04 vuln.today

CVE Published

May 12, 2026 - 08:21 nvd

HIGH 7.8

DescriptionNVD

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

AnalysisAI

Stack-based buffer overflow in Siemens Solid Edge SE2026 allows arbitrary code execution when users open malicious PAR files. Attackers must deliver a weaponized PAR file and convince the user to open it, after which code executes with user's privileges. …

RemediationAI

Within 24 hours: Inventory all Siemens Solid Edge SE2026 installations and identify versions prior to V226.0 Update 5; notify affected engineering and manufacturing teams to avoid opening PAR files from untrusted sources. Within 7 days: Implement email filtering to block or quarantine PAR file attachments from external senders; configure file execution policies to restrict PAR file operations where operationally feasible; establish a reporting mechanism for suspicious file requests. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-29436 vulnerability details – vuln.today

Back

Solid Edge SE2026 EUVD-2026-29436

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Solid Edge SE2026 EUVD-2026-29436

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code