Remote Code Execution Vulnerability in Labcenter Electronics Proteus
CVE-2026-5495

7.8HIGH

Key Information:

Vendor: Labcenter Electronics
Status: Proteus
Vendor: CVE Published:; 11 April 2026

🔔 Create Labcenter Electronics Vulnerability Alert

What is CVE-2026-5495?

A vulnerability exists within the Labcenter Electronics Proteus software, specifically in the processing of PDSPRJ files. This flaw allows remote attackers to execute arbitrary code. The exploitation requires user interaction, meaning that the target must visit a malicious website or open a compromised file. The root cause is the inadequate validation of user-supplied data, which leads to writing beyond the end of a buffer. Successful exploitation can allow attackers to execute code within the context of the current process, posing significant risks to system integrity.

Affected Version(s)

Proteus 8.17 SP5

References

https://www.zerodayinitiative.com/advisories/ZDI-26-257/

x_research-advisory

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 11, 2026
Vulnerability Reserved
Apr 3, 2026

CVE-2026-5495 Data

JSON