ZDI-CAN-28173 HIGH 7.8 Overdue Nov 11, 2025

Ashlar-Vellum

Ashlar-Vellum is a software company known for CAD and design applications. This high-severity vulnerability (CVSS 7.8) is exploitable locally and requires no authentication or user privileges, only user interaction to trigger; it could result in complete compromise of system confidentiality, integrity, and availability. Security teams should monitor for exploitation attempts targeting Ashlar-Vellum products and prepare patches before the March 2026 vendor deadline, as this local privilege escalation poses significant risk to design professionals and organizations using its tools.

Advisory Details
Researcher: Discovered by Rocco Calvi (@TecR0c) with TecSecurity
Reported: November 11, 2025
Deadline: March 11, 2026 (36d overdue)
CVSS Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
