PT-2026-6014 · Autodesk · Autodesk 3Ds Max+1

Published

2026-02-04

Updated

2026-02-09

CVE-2026-0659

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk Arnold (affected versions not specified) Autodesk 3ds Max (affected versions not specified)

Description A specially designed USD file can cause an Out-of-Bounds Write issue when opened or imported into Autodesk Arnold or Autodesk 3ds Max. An attacker could potentially use this to run code with the same permissions as the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2026-0659

Affected Products

Autodesk 3Ds Max

Autodesk Arnold

PT-2026-6014 · Autodesk · Autodesk 3Ds Max+1

CVE-2026-0659

Weakness Enumeration

Related Identifiers

Affected Products

References · 6