threat
engine
.sh
Back
·
··:··
Home
/
Product
/
autodesk 3ds max
Product
autodesk 3ds max
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-0536
>= 2026 and < 2026.3.2
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A mal
7.8
HIGH
CVE-2026-0662
>= 2026 and < 2026.3.2
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in
7.8
HIGH
CVE-2026-0661
>= 2026 and < 2026.3.2
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious act
8.4
HIGH
CVE-2026-0660
>= 2026 and < 2026.3.2
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A mal
8.4
HIGH
CVE-2026-0538
>= 2026 and < 2026.3.2
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious
8.4
HIGH
CVE-2026-0537
>= 2026 and < 2026.3.2
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious act
8.4
HIGH
CVE-2025-11797
>= 2026 and < 2026.3
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor
7.8
HIGH
CVE-2025-11795
>= 2026 and < 2026.3
A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious
7.8
HIGH
CVE-2025-6634
>= 2026 and < 2026.2
A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A mali
7.8
HIGH
CVE-2025-6633
>= 2026 and < 2026.2
A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious
7.8
HIGH
CVE-2025-6632
>= 2026 and < 2026.2
A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A ma
5.3
MEDIUM
CVE-2023-25002
all versions
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerab
7.8
HIGH
CVE-2022-25793
>= 2020 and < 2020.3.6
A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack o
7.8
HIGH
CVE-2022-27871
all versions
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to
7.8
HIGH
CVE-2022-27532
>= 2021 and < 2021.3.8
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TI
7.8
HIGH
CVE-2022-27531
>= 2021 and < 2021.3.8
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing t
7.8
HIGH
CVE-2009-3577
all versions
Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max fil
CVE-2005-4710
all versions
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attac
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin