PT-2026-22213

Name of the Vulnerable Software and Affected Versions Manyfold versions prior to 0.133.1 Description Manyfold is a self-hosted web application for managing 3d models. A flaw exists in the get model method within the ModelFilesController lines 158-160 where models are loaded using Model.find...

EUVD-2026-8776

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cookie leakage in proxy caches. Version 0.133.0 fixes the issue...

PT-2026-22040

Name of the Vulnerable Software and Affected Versions Manyfold versions prior to 0.133.0 Description Manyfold is a self-hosted web application used for managing 3D models, with a focus on 3D printing. Prior to version 0.133.0, a logged-in user could achieve Remote Code Execution RCE when model...

Qilin Ransomware Gang Claims 4TB Data Breach at Nissan CBI

Qilin ransomware claims a 4TB data breach at Nissan CBI, leaking car design files, financial data, 3D models,…...

PT-2025-3297 · Unknown · 3D Engine Module

Name of the Vulnerable Software and Affected Versions: 3D engine module affected versions not specified Description: The issue concerns the lack of verification of input parameters during the loading of glTF models in the 3D engine module. Successful exploitation of this issue may impact...

CVE-2024-23140

A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atfapi.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current...

PT-2024-19678

Name of the Vulnerable Software and Affected Versions Autodesk AutoCAD affected versions not specified Description A maliciously crafted MODEL 3DM, STP, or SLDASM file, when parsed through Autodesk applications using opennurbs.dll, can lead to a memory corruption issue by write access violation...

Apple macOS Ventura 缓冲区错误漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A buffer error vulnerability exists in Apple macOS Ventura version 13.4, which stems from the fact that processing 3D models may result in a process memory leak...

Apple macOS Ventura 缓冲区错误漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A buffer error vulnerability exists in Apple macOS Ventura version 13.4, which stems from the fact that processing 3D models may result in a process memory leak...

Apple macOS Ventura 缓冲区错误漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A buffer error vulnerability exists in Apple macOS Ventura version 13.4, which stems from the fact that processing 3D models may result in a process memory leak...

PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A security vulnerability exists in PDF-XChange Editor that stems from a problem with the parsing of certain U3D files...

Open Asset Import Library 缓冲区错误漏洞

Open Asset Import Library is a library for importing and exporting various 3d model formats, including scene post-processing to generate missing render data. A security vulnerability exists in Open Asset Import Library assimp that stems from the library containing a segmentation violation...

Unspecified Vulnerability in KUKA Sim Pro

KUKA Sim Pro is a simulation and machine programming software. A security vulnerability exists in KUKA Sim Pro, which can be exploited by an attacker to cause loss of integrity of external 3D models obtained from a remote server...