Heap-Based Buffer Overflow in HiDraw XML Parser
CVE-2026-7310

4.4MEDIUM

Key Information:

Vendor: Hitachi
Status: Mach Hidraw
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-7310?

A heap-based buffer overflow vulnerability exists in the XML parser functionality of HiDraw. An authenticated malicious user with local access can exploit this issue by crafting a malicious XML file, potentially leading to memory corruption and allowing for arbitrary code execution. This exploit could result in application crashes, resulting in denial of service, and compromises the confidentiality and integrity of the affected system.

Affected Version(s)

MACH HiDraw 9.0 < 9.22

References

https://publisher.hitachienergy.com/preview?DocumentID=8D...

CVSS V4

Score:

4.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
Apr 28, 2026

CVE-2026-7310 Data

JSON

Hitachi

What is CVE-2026-7310?

Affected Version(s)

References

CVSS V4

Timeline