Autodesk

Fusion

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.6

CVE-2026-10789

  • EPSS 0.29%
  • Veröffentlicht 22.06.2026 17:15:25
  • Zuletzt bearbeitet 23.06.2026 05:17:02

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code ...

7.1

CVE-2026-4344

  • EPSS 0.2%
  • Veröffentlicht 14.04.2026 13:56:56
  • Zuletzt bearbeitet 22.04.2026 15:04:34

A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious ...

7.1

CVE-2026-4345

  • EPSS 0.2%
  • Veröffentlicht 14.04.2026 13:56:22
  • Zuletzt bearbeitet 22.04.2026 15:04:58

A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local...

7.1

CVE-2026-4369

  • EPSS 0.2%
  • Veröffentlicht 14.04.2026 13:47:01
  • Zuletzt bearbeitet 22.04.2026 15:12:45

A maliciously crafted HTML payload in an assembly variant name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A ma...

8.1

CVE-2026-0535

  • EPSS 0.58%
  • Veröffentlicht 22.01.2026 16:59:34
  • Zuletzt bearbeitet 03.06.2026 14:16:32

A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability...

8.1

CVE-2026-0534

  • EPSS 0.47%
  • Veröffentlicht 22.01.2026 16:59:01
  • Zuletzt bearbeitet 03.06.2026 14:16:31

A maliciously crafted HTML payload, stored in a part’s attribute and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to rea...

8.1

CVE-2026-0533

  • EPSS 0.59%
  • Veröffentlicht 22.01.2026 16:58:43
  • Zuletzt bearbeitet 03.06.2026 14:16:31

A maliciously crafted HTML payload in a design name, when displayed during the delete confirmation dialog and clicked by a user, can trigger a Stored Cross-site Scripting (XSS) vulnerability in the Autodesk Fusion desktop application. A malicious act...

8.7

CVE-2025-10244

  • EPSS 0.42%
  • Veröffentlicht 23.09.2025 12:15:28
  • Zuletzt bearbeitet 01.12.2025 18:23:22

A maliciously crafted HTML payload, when rendered by the Autodesk Fusion desktop application, can trigger a Stored Cross-site Scripting (XSS) vulnerability. A malicious actor may leverage this vulnerability to read local files or execute arbitrary co...

7.8

CVE-2021-40162

  • EPSS 0.24%
  • Veröffentlicht 07.10.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 06:23:42

A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

7.8

CVE-2021-40163

  • EPSS 0.24%
  • Veröffentlicht 07.10.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 06:23:42

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.