Deserialization in Dassault Systèmes Magic Collaboration Studio
CVE-2026-7858
A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lea…
Vulnerability class: Insecure Deserialization
EPSS: 0.003 (57.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Dassault Systèmes Magic Collaboration Studio — versions CATIA Magic Release 2022x Golden, CATIA Magic Release 2024x Golden, CATIA Magic Release 2026x Golden
- Dassault Systèmes Teamwork Cloud - Business Edition — versions No Magic Release 2022x Golden, No Magic Release 2024x Golden, No Magic Release 2026x Golden
- Dassault Systèmes Teamwork Cloud - Business Pro Edition — versions No Magic Release 2022x Golden, No Magic Release 2024x Golden, No Magic Release 2026x Golden
- Dassault Systèmes Teamwork Cloud - Enterprise Edition — versions No Magic Release 2022x Golden, No Magic Release 2024x Golden, No Magic Release 2026x Golden
- Dassault Systèmes Teamwork Cloud - Standard Edition — versions No Magic Release 2022x Golden, No Magic Release 2024x Golden, No Magic Release 2026x Golden
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-7858?
- CVE-2026-7858 is a critical-severity vulnerability in Dassault Systèmes Magic Collaboration Studio, classified under Deserialization of Untrusted Data. CVSS score: 9.8/10. Published 2026-06-01.
- How severe is CVE-2026-7858?
- Critical severity. CVSS v3 base score is 9.8 out of 10.