All intelligence
// vulnerability record
live · NVDCVE-2025-27180
MEDIUMpublished 2025-03-11 21:15 UTC · 1 year ago · modified 2026-06-17 09:03 UTC
5.5
CVSS / 10
// description
Substance3D - Modeler versions 1.15.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
// cvss 3.1 vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
// weaknesses (CWE)
- CWE-125