CVE-2026-7310

A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful exploitation could result in application crashes (denial of service) and compromise the confidentiality and integrity of the affected system.

CVSS

No CVSS.

References

Link	Resource
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000248&LanguageCode=en&DocumentPartId=&Action=Launch

Configurations

No configuration.

History

26 May 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-26 14:16

Updated : 2026-05-26 20:03

NVD link : CVE-2026-7310

Mitre link : CVE-2026-7310

CVE.ORG link : CVE-2026-7310

JSON object : View

Products Affected

No product.

CWE

CWE-122

Heap-based Buffer Overflow

{"id": "CVE-2026-7310", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 4.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-05-26T14:16:40.523", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000248&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@hitachienergy.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "cybersecurity@hitachienergy.com", "description": [{"lang": "en", "value": "CWE-122"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability exists in XML\nparser functionality in the HiDraw. An authenticated\nmalicious user with local access can exploit this\nvulnerability using a specially crafted XML file which may\nlead to memory corruption and potential arbitrary code\nexecution. Successful exploitation could result in\napplication crashes (denial of service) and compromise the\nconfidentiality and integrity of the affected system."}], "lastModified": "2026-05-26T20:03:50.687", "sourceIdentifier": "cybersecurity@hitachienergy.com"}

CVE-2026-7310

JSON object

Attach tags to CVE-2026-7310

Attach tags to `CVE-2026-7310`