Description
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Published: 2026-02-10
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Apply Patch
AI Analysis

Impact

The vulnerability is an out‑of‑bounds read triggered when Substance3D Stager parses a crafted file, allowing a malicious actor to read data beyond the allocated buffer and potentially execute code as the current user. It aligns with CWE‑125 and presents a serious remote code execution risk if a user opens a malicious file.

Affected Systems

Adobe Substance3D Stager versions 3.1.6 and earlier are affected. The application runs on both macOS and Windows platforms, so users on either operating system are vulnerable when they open a malicious file.

Risk and Exploitability

The issue carries a CVSS base score of 7.8, flagging it as high severity, while the EPSS score indicates a very low exploitation likelihood (<1 %). It is not listed in the CISA KEV catalog. An attacker must convince a user to open the crafted file, so the attack vector is file‑based user interaction. The flaw can lead to code execution, but current exploitation probability remains low under typical conditions.

Generated by OpenCVE AI on April 17, 2026 at 20:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Adobe Substance 3D Stager to the latest release that patches the out‑of‑bounds read flaw.
  • Disable or remove file associations for Substance 3D Stager file types to prevent accidental execution of malicious files.
  • Train users to avoid opening unknown Substance 3D files and employ endpoint protection to detect suspicious file activity.
  • Review the Adobe security advisory at https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html for detailed patch information.

Generated by OpenCVE AI on April 17, 2026 at 20:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 11 Feb 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Adobe
Adobe substance 3d Stager
Apple
Apple macos
Microsoft
Microsoft windows
CPEs cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Adobe
Adobe substance 3d Stager
Apple
Apple macos
Microsoft
Microsoft windows

Tue, 10 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 10 Feb 2026 18:45:00 +0000

Type Values Removed Values Added
Description Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Title Substance3D - Stager | Out-of-bounds Read (CWE-125)
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Adobe Substance 3d Stager
Apple Macos
Microsoft Windows
cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published:

Updated: 2026-02-26T14:44:31.668Z

Reserved: 2025-12-12T22:01:18.201Z

Link: CVE-2026-21345

cve-icon Vulnrichment

Updated: 2026-02-10T19:32:56.435Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-10T19:15:57.457

Modified: 2026-02-11T17:15:24.487

Link: CVE-2026-21345

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:45:25Z

Weaknesses