PT-2026-40327 · Adobe · Substance3D - Painter
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2026-34676
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Substance3D - Painter versions prior to 12.0.3
Description
An out-of-bounds write issue exists where memory is written outside the intended buffer, which could lead to arbitrary code execution in the context of the current user. This requires user interaction, specifically the opening of a malicious file.
Recommendations
Update to a version later than 12.0.2.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Substance3D - Painter