CVE-2026-27275 - Vulnerability Details

- Substance3D - Stager | Out-of-bounds Write (CWE-787)

Description

Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: 2026-03-10

Score: 7.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An out‑of‑bounds write vulnerability in Substance3D – Stager versions 3.1.7 and earlier allows an attacker to execute arbitrary code with the privileges of the user who opens a crafted file. The flaw manifests when the application processes a maliciously constructed file, enabling code to run without needing elevated rights.

Affected Systems

Adobe’s Substance3D – Stager is impacted, specifically releases 3.1.7 and older. The software runs on multiple operating systems, including macOS and Windows, as indicated by the associated CPE entries. Any system that has an unpatched version of this product is susceptible.

Risk and Exploitability

The vulnerability scores a 7.8 on the CVSS vector, indicating high severity, yet the EPSS indicates a very low probability of exploitation (<1%). It is not listed in CISA’s KEV catalog. Exploitation requires human interaction – the victim must open a malicious file – so the primary vector is social engineering or phishing. Because the flaw involves an out‑of‑bounds write (CWE‑787), attackers can influence memory corruption to achieve arbitrary code execution. The impact is total loss of confidentiality, integrity, and availability of the affected machine.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Adobe

Substance3D - Stager

affected

Version	Status	Constraints
`0`	affected	≤ 3.1.7

Configuration 1 [-]

AND

cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

No data.

Vendor Product Confidence Versions

Adobe

Substance 3d Stager

94%

Version	Status	Scheme	Platform
`[0,3.1.7]`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Adobe patch or upgraded release for Substance3D – Stager to eliminate the out‑of‑bounds write flaw.
Never open or execute unknown or suspicious files within Substance3D – Stager; verify file provenance before opening.
If no patch is available, run the application in a sandboxed environment or restrict its user permissions to limit potential damage from a memory corruption exploit.

Generated by OpenCVE AI on April 16, 2026 at 03:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00037.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html

History

Thu, 12 Mar 2026 13:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple macos Microsoft Microsoft windows
CPEs		cpe:2.3:a:adobe:substance_3d_stager:::::::: cpe:2.3:o:apple:macos:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::*
Vendors & Products		Apple Apple macos Microsoft Microsoft windows

Wed, 11 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Adobe Adobe substance 3d Stager
Vendors & Products		Adobe Adobe substance 3d Stager

Tue, 10 Mar 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 10 Mar 2026 19:00:00 +0000

Type	Values Removed	Values Added
Description		Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Title		Substance3D - Stager \| Out-of-bounds Write (CWE-787)
Weaknesses		CWE-787
References		https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html
Metrics		cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

Subscriptions

Adobe Substance 3d Stager

Apple Macos

Microsoft Windows

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2026-03-10T18:38:58.209Z

Updated: 2026-03-11T03:57:00.856Z

Reserved: 2026-02-18T22:02:41.388Z

Link: CVE-2026-27275

Vulnrichment

Updated: 2026-03-10T19:10:33.427Z

NVD

Status : Analyzed

Published: 2026-03-10T19:17:19.560

Modified: 2026-03-12T13:33:09.300

Link: CVE-2026-27275

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T03:45:16Z

Weaknesses

CWE-787

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object