Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
2025-09-16T18:15:52.053
2025-09-18T13:38:39.070
Analyzed
CVSSv3.1: 5.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | substance_3d_stager | < 3.1.4 | Yes |
| Operating System | apple | macos | - | No |
| Operating System | microsoft | windows | - | No |