Skip to main content

Maya

3 CVEs product

Monthly

CVE-2025-4605 MEDIUM PATCH This Month

A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption.

Information Disclosure Universal Scene Description Maya
NVD GitHub
CVSS 3.1
6.6
EPSS
0.1%
CVE-2022-42947 HIGH This Week

A maliciously crafted X_B file when parsed through Autodesk Maya 2023 and 2022 can be used to write beyond the allocated buffer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Maya
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42946 HIGH This Week

Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Maya
NVD
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption.

Information Disclosure Universal Scene Description Maya
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

A maliciously crafted X_B file when parsed through Autodesk Maya 2023 and 2022 can be used to write beyond the allocated buffer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy