Vulnerability-Lookup

CNVD-2026-12699

Vulnerability from cnvd - Published: 2026-03-04

Title

Adobe ‌Substance 3D Stager‌存在越界读取漏洞（CNVD-2026-12699）

Description

‌Substance 3D Stager‌是美国奥多比（Adobe）公司推出的一款专用于3D场景布景、灯光设置与高质量渲染‌的专业软件。 Adobe ‌Substance 3D Stager‌存在越界读取漏洞，攻击者可利用该漏洞在当前用户的上下文中执行代码。

Severity

高

Patch Name

Adobe ‌Substance 3D Stager‌存在越界读取漏洞（CNVD-2026-12699）的补丁

Patch Description

‌Substance 3D Stager‌是美国奥多比（Adobe）公司推出的一款专用于3D场景布景、灯光设置与高质量渲染‌的专业软件。 Adobe ‌Substance 3D Stager‌存在越界读取漏洞，攻击者可利用该漏洞在当前用户的上下文中执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html

Reference

https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html

Impacted products

Name
Adobe Substance 3D Stager‌ <=3.1.6

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-21343",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-21343"
    }
  },
  "description": "\u200cSubstance 3D Stager\u200c\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u63a8\u51fa\u7684\u4e00\u6b3e\u4e13\u7528\u4e8e3D\u573a\u666f\u5e03\u666f\u3001\u706f\u5149\u8bbe\u7f6e\u4e0e\u9ad8\u8d28\u91cf\u6e32\u67d3\u200c\u7684\u4e13\u4e1a\u8f6f\u4ef6\u3002\n\nAdobe \u200cSubstance 3D Stager\u200c\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-12699",
  "openTime": "2026-03-04",
  "patchDescription": "\u200cSubstance 3D Stager\u200c\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u63a8\u51fa\u7684\u4e00\u6b3e\u4e13\u7528\u4e8e3D\u573a\u666f\u5e03\u666f\u3001\u706f\u5149\u8bbe\u7f6e\u4e0e\u9ad8\u8d28\u91cf\u6e32\u67d3\u200c\u7684\u4e13\u4e1a\u8f6f\u4ef6\u3002\r\n\r\nAdobe \u200cSubstance 3D Stager\u200c\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe \u200cSubstance 3D Stager\u200c\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff08CNVD-2026-12699\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Adobe Substance 3D Stager\u200c \u003c=3.1.6"
  },
  "referenceLink": "https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html",
  "serverity": "\u9ad8",
  "submitTime": "2026-03-02",
  "title": "Adobe \u200cSubstance 3D Stager\u200c\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\uff08CNVD-2026-12699\uff09"
}

CVE-2026-21343 (GCVE-0-2026-21343)

Vulnerability from cvelistv5 – Published: 2026-02-10 18:16 – Updated: 2026-02-26 14:44

Title

Substance3D - Stager | Out-of-bounds Read (CWE-125)

Summary

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-125 - Out-of-bounds Read (CWE-125)

Assigner

adobe

References

URL

Tags

https://helpx.adobe.com/security/products/substan…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Adobe	Substance3D - Stager	Affected: 0 , ≤ 3.1.6 (semver)

Date Public ?

2026-02-10 17:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21343",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T04:56:44.268847Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:31.075Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Substance3D - Stager",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "3.1.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-02-10T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "availabilityRequirement": "NOT_DEFINED",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "confidentialityRequirement": "NOT_DEFINED",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "NOT_DEFINED",
            "integrityImpact": "HIGH",
            "integrityRequirement": "NOT_DEFINED",
            "modifiedAttackComplexity": "LOW",
            "modifiedAttackVector": "LOCAL",
            "modifiedAvailabilityImpact": "HIGH",
            "modifiedConfidentialityImpact": "HIGH",
            "modifiedIntegrityImpact": "HIGH",
            "modifiedPrivilegesRequired": "NONE",
            "modifiedScope": "UNCHANGED",
            "modifiedUserInteraction": "REQUIRED",
            "privilegesRequired": "NONE",
            "remediationLevel": "NOT_DEFINED",
            "reportConfidence": "NOT_DEFINED",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read (CWE-125)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T18:16:29.603Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Substance3D - Stager | Out-of-bounds Read (CWE-125)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2026-21343",
    "datePublished": "2026-02-10T18:16:29.603Z",
    "dateReserved": "2025-12-12T22:01:18.200Z",
    "dateUpdated": "2026-02-26T14:44:31.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-12699

CVE-2026-21343 (GCVE-0-2026-21343)

Tags

Sightings

Nomenclature