Autodesk Fusion
7 CVEs affecting Autodesk Fusion. Latest disclosed: 2026-04-14. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-10244 | High | 8.7 | 2025-09-23 | A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A… |
CVE-2026-0535 | High | 8.1 | 2026-01-22 | A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in… |
CVE-2026-0534 | High | 8.1 | 2026-01-22 | A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Au… |
CVE-2026-0533 | High | 8.1 | 2026-01-22 | A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-sit… |
CVE-2026-4344 | High | 7.1 | 2026-04-14 | A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-… |
CVE-2026-4345 | High | 7.1 | 2026-04-14 | A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk… |
CVE-2026-4369 | High | 7.1 | 2026-04-14 | A maliciously crafted HTML payload in an assembly variant name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Store… |