PT-2026-40343 · Adobe · Substance3D - Designer
Published
2026-05-12
·
Updated
2026-05-12
·
CVE-2026-34664
CVSS v3.1
6.3
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Substance3D - Designer versions prior to 15.1.1
Description
An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows for arbitrary file system read. This issue enables an attacker to access sensitive files and directories outside the intended scope, provided the victim opens a malicious file.
Recommendations
Update to a version later than 15.1.0.
Fix
Path traversal
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Substance3D - Designer