Security updates available for Substance 3D Painter | APSB26-55
摘要
Adobe has released an update for Adobe Substance 3D Painter. This update addresses critical vulnerabilities in Adobe Substance 3D Painter. Successful exploitation could lead to arbitrary code execution.
正文
Adobe has released an update for Adobe Substance 3D Painter. This update addresses critical vulnerabilities in Adobe Substance 3D Painter. Successful exploitation could lead to arbitrary code execution. Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates. Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app's update mechanism. For more information, please reference this help page . For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information. Affected products: - Adobe Substance 3D Painter | 12.0.2 and earlier versions | All Solutions: - Adobe Substance 3D Painter | 12.0.3 | All (Priority 3; Download Center) Vulnerabilities: - Out-of-bounds Write ( CWE-787 ) | Arbitrary code execution | Critical | CVSS 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H - Out-of-bounds Write ( CWE-787 ) | Arbitrary code execution | Critical | CVSS 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
标签
- contains:cve
- priority:3
- product:adobe-substance-3d-painter
- vendor:adobe
扩展字段
{
"affected_products": [
{
"platform": "All",
"product": "Adobe Substance 3D Painter",
"version": "12.0.2 and earlier versions"
}
],
"bulletin_id": "APSB26-55",
"detail_url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb26-55.html",
"last_updated": "05/12/2026",
"originally_posted": "05/12/2026",
"priority": "3",
"solution_paragraphs": [
"Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app's update mechanism. For more information, please reference this help page .",
"For managed environments, IT administrators can use the Admin Console to deploy Creative Cloud applications to end users. Refer to this help page for more information."
],
"solutions": [
{
"availability": "Download Center",
"availability_url": "https://www.adobe.com/products/substance3d-painter.html",
"platform": "All",
"priority": "3",
"product": "Adobe Substance 3D Painter",
"version": "12.0.3"
}
],
"summary_paragraphs": [
"Adobe has released an update for Adobe Substance 3D Painter. This update addresses critical vulnerabilities in Adobe Substance 3D Painter. Successful exploitation could lead to arbitrary code execution.",
"Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates."
],
"vulnerabilities": [
{
"CVE Numbers": "CVE-2026-34675",
"CVSS base score": "7.8",
"CVSS vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"Severity": "Critical",
"Vulnerability Category": "Out-of-bounds Write ( CWE-787 )",
"Vulnerability Impact": "Arbitrary code execution"
},
{
"CVE Numbers": "CVE-2026-34676",
"CVSS base score": "7.8",
"CVSS vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"Severity": "Critical",
"Vulnerability Category": "Out-of-bounds Write ( CWE-787 )",
"Vulnerability Impact": "Arbitrary code execution"
}
]
}