CVE-2026-56111

Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...

CVE-2026-56111

Marlin Firmware 2.1.2.7 with MESH_BED_LEVELING enabled is affected. The vulnerability is an out-of-bounds write in the M421 G-code handler that allows an attacker-controlled 32-bit float value to be written past the z_values array bounds by providing crafted X/Y grid indices. This can corrupt adj...

SUSE CVE-2023-47268

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

EUVD-2023-51398

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

CVE-2023-47268

In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...

Engineering Attack Vectors and Detecting Anomalies in Additive Manufacturing

Additive manufacturing AM is rapidly integrating into critical sectors such as aerospace, automotive, and healthcare. However, this cyber-physical convergence introduces new attack surfaces, especially at the interface between computer-aided design CAD and machine execution layers. In this work, ...

[SECURITY] Fedora 42 Update: CuraEngine-5.4.0-10.fc42

CuraEngine is a C++ console application for 3D printing G-code generation. It has been made as a better and faster alternative to the old Skeinforge engine. This is just a console application for G-code generation. For a full graphical application look at cura with is the graphical frontend for...

[SECURITY] Fedora 43 Update: CuraEngine-5.4.0-10.fc43

CuraEngine is a C++ console application for 3D printing G-code generation. It has been made as a better and faster alternative to the old Skeinforge engine. This is just a console application for G-code generation. For a full graphical application look at cura with is the graphical frontend for...

EUVD-2018-1928

Malware in sbrugna...

One Video to Steal Them All: 3D-Printing IP Theft through Optical Side-Channels

The 3D printing industry is rapidly growing and increasingly adopted across various sectors including manufacturing, healthcare, and defense. However, the operational setup often involves hazardous environments, necessitating remote monitoring through cameras and other sensors, which opens the do...

CVE-2024-22809

Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...

CVE-2020-16205

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5...

CVE-2024-51330

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...

CVE-2024-51330

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...

CVE-2024-51330

CVE-2024-51330 affects UltiMaker Cura up to v4.41 and v5.8.1 and earlier, enabling a local attacker to execute arbitrary code via the Inter-process communication (IPC) between the Cura GUI and CuraEngine, the localhost network stack, and related printing/G-code components on Ultimaker 3D printers...

CVE-2024-51330

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication IPC mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components,...

PT-2024-34600 · Ultimaker · Ultimaker Cura

Name of the Vulnerable Software and Affected Versions: UltiMaker Cura versions 4.41 and 5.8.1 and earlier Description: The issue allows a local attacker to execute arbitrary code via the Inter-process communication IPC mechanism between the Cura application and CuraEngine processes, localhost...

CVE-2024-22809

Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...

CVE-2024-22809

Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...

CVE-2024-22809

Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...