Autodesk 3ds Max
18 CVEs affecting Autodesk 3ds Max. Latest disclosed: 2026-05-26. Critical: 0, High: 15.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0661 | High | 8.4 | 2026-02-04 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerab… |
CVE-2026-0660 | High | 8.4 | 2026-02-04 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage thi… |
CVE-2026-0538 | High | 8.4 | 2026-02-04 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulne… |
CVE-2026-0537 | High | 8.4 | 2026-02-04 | A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerab… |
CVE-2026-7454 | High | 7.8 | 2026-05-26 | A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerab… |
CVE-2026-7452 | High | 7.8 | 2026-05-26 | A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerab… |
CVE-2026-7451 | High | 7.8 | 2026-05-26 | A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulne… |
CVE-2026-0536 | High | 7.8 | 2026-02-04 | A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage thi… |
CVE-2026-0662 | High | 7.8 | 2026-02-04 | A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current p… |
CVE-2026-0659 | High | 7.8 | 2026-02-04 | A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious a… |
CVE-2025-11797 | High | 7.8 | 2025-11-12 | A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerabili… |
CVE-2025-11795 | High | 7.8 | 2025-11-12 | A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulne… |
CVE-2025-6634 | High | 7.8 | 2025-08-06 | A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this… |
CVE-2025-6633 | High | 7.8 | 2025-08-06 | A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulne… |
CVE-2025-5039 | High | 7.8 | 2025-07-24 | A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context… |
CVE-2026-7453 | Medium | 5.5 | 2026-05-26 | A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition. |
CVE-2026-7450 | Medium | 5.5 | 2026-05-26 | A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the… |
CVE-2025-6632 | Medium | 5.3 | 2025-08-06 | A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage th… |