CVE-2026-4344

Name of the Vulnerable Software and Affected Versions Autodesk Fusion desktop application (affected versions not specified)

Description A stored Cross-site Scripting (XSS) issue exists where a maliciously crafted HTML payload in a component name can be triggered when displayed during the delete confirmation dialog and clicked by a user. This could allow an attacker to read local files or execute arbitrary code within the context of the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.