The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process.

Project Subscriptions

Vendors Products
Labcenter Subscribe
Proteus Subscribe
Advisories

No advisories yet.

Fixes

Solution

Labcenter recommends ensuring you are using the latest version (9.2 SPO) of the software. Version can be found by looking at the bottom left of the Proteus home page (Version 8 or higher) or by selecting the About ISIS or About ARES option from the Help menu. Update notifications appear in the new and information section of the home page where you can activate the download and installation directly. If you have questions or need help please contact Labcenter or your local distributor.


Workaround

No workaround given by the vendor.

History

Wed, 08 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
First Time appeared Labcenter
Labcenter proteus
Vendors & Products Labcenter
Labcenter proteus

Tue, 07 Jul 2026 22:15:00 +0000

Type Values Removed Values Added
Description The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process.
Title Use After Free in Labcenter Proteus
Weaknesses CWE-416
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2026-07-07T21:52:25.406Z

Reserved: 2026-06-03T15:40:50.731Z

Link: CVE-2026-42958

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-08T09:00:14Z

Weaknesses