Ashlar-Vellum

Ashlar-Vellum is a software company known for CAD and design tools. This high-severity vulnerability (CVSS 7.8) requires local access and user interaction to exploit, but once triggered grants an attacker high-level privileges to compromise confidentiality, integrity, and availability of the affected system. Security teams should monitor for updates from Ashlar-Vellum (deadline June 6, 2026) and restrict local file access on systems running their products until patches are available.