PatchSiren cyber security CVE debrief
CVE-2026-34709 Adobe CVE debrief
CVE-2026-34709 is a HIGH-severity vulnerability in Adobe Substance 3D Sampler. Versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, as a victim must open a malicious file.
- Vendor
- Adobe
- Product
- Substance3D - Sampler
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-11
Who should care
Users of Adobe Substance 3D Sampler versions 6.0.0 and earlier should apply updates or mitigations to prevent potential arbitrary code execution.
Technical summary
The vulnerability, tracked as CVE-2026-34709, has a CVSS score of 7.8 and is classified as HIGH severity. It is caused by an out-of-bounds write issue in Adobe Substance 3D Sampler. The vulnerability requires user interaction to exploit, as it involves opening a malicious file.
Defensive priority
High
Recommended defensive actions
- Apply updates: Upgrade to Adobe Substance 3D Sampler version 6.0.1 or later.
- User awareness: Educate users about the risks of opening malicious files.
Evidence notes
The CVE was published on 2026-06-09T20:16:39.633Z and last modified on 2026-06-11T13:05:34.603Z. The vulnerability affects Adobe Substance 3D Sampler versions 6.0.0 and earlier.
Official resources
-
CVE-2026-34709 CVE record
CVE.org
-
CVE-2026-34709 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-34709 was published on 2026-06-09T20:16:39.633Z and last modified on 2026-06-11T13:05:34.603Z.