NULL Pointer Dereference Vulnerability in Autodesk 3ds Max
CVE-2026-7450

5.3MEDIUM

Key Information:

Vendor: Autodesk
Status: 3ds Max
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-7450?

A crafted PAR file, when processed by Autodesk 3ds Max, may lead to a NULL pointer dereference. This vulnerability can result in application crashes, ultimately causing a denial-of-service condition. It is crucial for users of Autodesk 3ds Max to apply security updates to mitigate potential risks associated with this issue.

Affected Version(s)

3ds Max 2027 < 2027.1

3ds Max 2026 < 2026.1

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

vendor-advisory

https://www.autodesk.com/products/autodesk-access/overview

patch

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
Apr 29, 2026

CVE-2026-7450 Data

JSON