PT-2026-24386 · Adobe · Substance3D - Painter
Michele Spagnuolo
·
Published
2026-03-10
·
Updated
2026-03-12
·
CVE-2026-27217
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Substance3D - Painter versions 11.1.2 and earlier
Description
The software is susceptible to a NULL Pointer Dereference issue, potentially leading to a denial-of-service condition. Successful exploitation of this issue requires a user to open a specially crafted malicious file, which can cause the application to crash and become unavailable.
Recommendations
Versions prior to 11.1.2 should be updated.
Fix
DoS
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Substance3D - Painter