CVE-2026-0662

High CVSS: 7.8

A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.

Vendor

Autodesk

Product

3ds Max

CWE

CWE-426

Yayın Tarihi

2026-02-04 17:16:13

Güncelleme

2026-02-06 14:45:33

Source Identifier

psirt@autodesk.com

KEV Date Added

Kategoriler

CWE-426 3ds Max HIGH Autodesk 2026

Referanslar

https://www.autodesk.com/products/autodesk-access/overview https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002

Benzer Kayıtlar

High

CVE-2026-0874

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vuln…

High

CVE-2026-0875

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulner…

High

CVE-2026-0536

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil…

High

CVE-2026-0537

A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mal…

High

CVE-2026-0538

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A…

High

CVE-2026-0660

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerabil…