{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-34676/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-34676"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Substance3D - Painter (\u003c= 12.0.2)"],"_cs_severities":["high"],"_cs_tags":["cve","adobe","out-of-bounds write","code execution","cve-2026-34676"],"_cs_type":"advisory","_cs_vendors":["Adobe Systems Incorporated"],"content_html":"\u003cp\u003eCVE-2026-34676 describes an out-of-bounds write vulnerability affecting Adobe Substance3D Painter versions 12.0.2 and earlier. This vulnerability can lead to arbitrary code execution within the context of the current user. The attack requires user interaction, as the victim must open a specially crafted malicious file. Successful exploitation could allow an attacker to gain control of the user\u0026rsquo;s system. This vulnerability was reported by Adobe Systems Incorporated and assigned a CVSS v3.1 score of 7.8.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious Substance3D Painter file.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers the malicious file to a victim. This could be done through phishing, social engineering, or other methods.\u003c/li\u003e\n\u003cli\u003eThe victim opens the malicious file using an affected version of Substance3D Painter (\u0026lt;= 12.0.2).\u003c/li\u003e\n\u003cli\u003eSubstance3D Painter attempts to process the malicious file.\u003c/li\u003e\n\u003cli\u003eDue to the out-of-bounds write vulnerability, the application writes data to an unintended memory location.\u003c/li\u003e\n\u003cli\u003eThis write overwrites critical program data or code.\u003c/li\u003e\n\u003cli\u003eThe attacker gains the ability to execute arbitrary code in the context of the user.\u003c/li\u003e\n\u003cli\u003eThe attacker can then perform actions such as installing malware, stealing data, or gaining persistent access to the system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-34676 can result in arbitrary code execution on the victim\u0026rsquo;s machine, with the privileges of the user running Substance3D Painter. This could lead to data theft, malware installation, or complete system compromise. The vulnerability requires user interaction, limiting the scope of potential attacks. However, targeted attacks could be highly effective if victims can be tricked into opening malicious files.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a version of Substance3D Painter that addresses CVE-2026-34676. Refer to the Adobe security advisory \u003ca href=\"https://helpx.adobe.com/security/products/substance3d_painter/apsb26-55.html\"\u003ehttps://helpx.adobe.com/security/products/substance3d_painter/apsb26-55.html\u003c/a\u003e for specific instructions.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule to detect suspicious process executions originating from Substance3D Painter after a file open operation.\u003c/li\u003e\n\u003cli\u003eEducate users to be cautious when opening files from untrusted sources, as this vulnerability requires user interaction.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T18:28:14Z","date_published":"2026-05-12T18:28:14Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-34676/","summary":"Adobe Substance3D Painter versions 12.0.2 and earlier are vulnerable to an out-of-bounds write, potentially leading to arbitrary code execution if a user opens a malicious file.","title":"CVE-2026-34676: Adobe Substance3D Painter Out-of-bounds Write Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-34676/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-34676","version":"https://jsonfeed.org/version/1.1"}