Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
Substance3D Painter versions 11.1.2 and earlier: Attacker can access sensitive data
CVE-2026-27219
Summary
Versions of Substance3D Painter before 11.1.3 are at risk. An attacker can trick you into opening a malicious file, which could reveal sensitive information stored in your computer's memory. To stay safe, update to the latest version of Substance3D Painter.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| adobe | substance_3d_painter | <= 11.1.3 | – |
Original title
Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sen...
Original description
Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd CVSS3.1
5.5
Vulnerability type
CWE-125
Out-of-bounds Read
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026