VYPR

3ds Max

by Autodesk

Source repositories

CVEs (22)

  • CVE-2026-0661HigFeb 4, 2026
    risk 0.55cvss 8.4epss 0.00

    A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-0660HigFeb 4, 2026
    risk 0.55cvss 8.4epss 0.00

    A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-0538HigFeb 4, 2026
    risk 0.55cvss 8.4epss 0.00

    A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-0537HigFeb 4, 2026
    risk 0.55cvss 8.4epss 0.00

    A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7454HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7452HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7451HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

  • CVE-2026-0659HigFeb 4, 2026
    risk 0.51cvss 7.8epss 0.00

    A maliciously crafted USD file, when loaded or imported into Autodesk Arnold or Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-7453MedMay 26, 2026
    risk 0.36cvss 5.5epss 0.00

    A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition.

  • CVE-2026-7450MedMay 26, 2026
    risk 0.36cvss 5.5epss 0.00

    A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition.

  • CVE-2009-3577Nov 24, 2009
    risk 0.03cvss epss 0.05

    Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks."

  • CVE-2026-0536Feb 4, 2026
    risk 0.00cvss epss 0.00

    A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2026-0662Feb 4, 2026
    risk 0.00cvss epss 0.00

    A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.

  • CVE-2025-11797Nov 12, 2025
    risk 0.00cvss epss 0.00

    A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

  • CVE-2025-11795Nov 12, 2025
    risk 0.00cvss epss 0.00

    A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2025-6634Aug 6, 2025
    risk 0.00cvss epss 0.00

    A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

  • CVE-2025-6633Aug 6, 2025
    risk 0.00cvss epss 0.00

    A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

  • CVE-2025-6632Aug 6, 2025
    risk 0.00cvss epss 0.00

    A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

  • CVE-2022-25793Aug 10, 2022
    risk 0.00cvss epss 0.00

    A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code…

  • CVE-2022-27532Jun 16, 2022
    risk 0.00cvss epss 0.01

    A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.

Page 1 of 2