CVE-2026-0538

A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Configurations

Configuration 1 (hide)

cpe:2.3:a:autodesk:3ds_max:*:*:*:*:*:*:*:*

History

03 Jun 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 8.4
Summary
  • (es) Un archivo GIF manipulado maliciosamente, al ser analizado por Autodesk 3ds Max, puede provocar una vulnerabilidad de escritura fuera de límites. Un actor malicioso puede aprovechar esta vulnerabilidad para ejecutar código arbitrario en el contexto del proceso actual.

06 Feb 2026, 17:49

Type Values Removed Values Added
References () https://www.autodesk.com/products/autodesk-access/overview - () https://www.autodesk.com/products/autodesk-access/overview - Product
References () https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002 - () https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002 - Vendor Advisory
CPE cpe:2.3:a:autodesk:3ds_max:*:*:*:*:*:*:*:*
First Time Autodesk 3ds Max
Autodesk

04 Feb 2026, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-02-04 17:16

Updated : 2026-06-17 10:10


NVD link : CVE-2026-0538

Mitre link : CVE-2026-0538

CVE.ORG link : CVE-2026-0538


JSON object : View

Products Affected

autodesk

  • 3ds_max
CWE
CWE-787

Out-of-bounds Write