CVE-2026-21305

目前暂无公开的PoC代码

{"cve": {"id": "CVE-2026-21305", "sourceIdentifier": "[email protected]", "published": "2026-01-13T20:16:09.443", "lastModified": "2026-01-14T17:57:27.897", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}, {"lang": "es", "value": "Substance3D - Painter versiones 11.0.3 y anteriores están afectadas por una vulnerabilidad de escritura fuera de límites que podría resultar en ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere interacción del usuario en el sentido de que una víctima debe abrir un archivo malicioso."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-787"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", "versionEndExcluding": "11.1.2", "matchCriteriaId": "7E85EB0F-F4D8-47B7-A523-E7A998C62141"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb26-10.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}