CVE-2026-10094

Summary

A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server.

Affected Software

VendorProductVersion RangeStatus
Dassault SystèmesSOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2024 SP0 <= SOLIDWORKS Desktop Release 2024 SP5affected
Dassault SystèmesSOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2025 SP0 <= SOLIDWORKS DesktopRelease 2025 SP5affected
Dassault SystèmesSOLIDWORKS VisualizeSOLIDWORKS Desktop Release 2026 SP0 <= SOLIDWORKS Desktop Release 2026 SP2.1affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References