CVE-2025-54260

Name of the Vulnerable Software and Affected Versions: Substance3D - Modeler versions 1.22.2 and earlier

Description: Substance3D - Modeler is affected by an out-of-bounds read issue when processing a specially crafted file. This can lead to reading beyond the boundaries of allocated memory. An attacker could potentially use this to execute code with the privileges of the current user. User interaction is required, as a victim must open a malicious file for exploitation to occur.

Recommendations: Versions prior to 1.22.2 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.