2 matches found
CVE-2026-21344
Substance3D Stager versions 3.1.6 and earlier are affected by an out-of-bounds read when parsing a crafted file, allowing code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). Remediation: upgrade to 3.1.7 or later per APSB26-20.
CVE-2026-21344
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...