CVE-2026-4345

Name of the Vulnerable Software and Affected Versions Autodesk Fusion (affected versions not specified)

Description A stored Cross-site Scripting (XSS) issue exists in the Autodesk Fusion desktop application. This occurs when a maliciously crafted HTML payload is stored in a design name and subsequently exported to CSV. An attacker could use this to read local files or execute arbitrary code within the context of the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.