Stored Cross-site Scripting Vulnerability in Autodesk Fusion Desktop Application
CVE-2026-4345

7.1HIGH

Key Information:

Vendor: Autodesk
Status: Fusion
Vendor: CVE Published:; 14 April 2026

What is CVE-2026-4345?

A security issue within the Autodesk Fusion desktop application allows for the exploitation of a Stored Cross-site Scripting vulnerability. This occurs when a maliciously crafted HTML payload is incorporated into a design name and subsequently exported to CSV. If executed, this could potentially permit a threat actor to read local files or execute arbitrary code within the context of the current process, thus compromising the integrity of the affected system.