Ashlar-Vellum

Ashlar-Vellum is a software company known for design and visualization tools used in architecture and engineering. This is a high-severity local vulnerability (CVSS 7.8) that requires user interaction to exploit but requires no authentication, and can result in complete compromise of confidentiality, integrity, and availability on an affected system. Security teams should monitor for exploitation attempts targeting Ashlar-Vellum users and prepare patching procedures ahead of the May 2026 vendor deadline.