Out-of-Bounds Write Vulnerability in Substance3D Sampler by Adobe
CVE-2026-34709

7.8HIGH

Key Information:

Vendor

Adobe

Vendor
CVE Published:
9 June 2026

What is CVE-2026-34709?

Substance3D Sampler, developed by Adobe, has an out-of-bounds write vulnerability present in versions 6.0.0 and earlier. This vulnerability allows for the potential execution of arbitrary code within the context of the user, contingent upon user interaction where the victim must open a specially crafted malicious file. This type of security flaw poses serious risks, making it imperative for users to upgrade or secure their systems against potential exploitation.

Affected Version(s)

Substance3D - Sampler 0 <= 6.0.0

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.