PatchSiren cyber security CVE debrief
CVE-2026-34710 Adobe CVE debrief
CVE-2026-34710 is a high-severity vulnerability in Adobe Substance 3D Sampler, a 3D modeling and texturing software. The vulnerability, rated 7.8 CVSS score, is caused by an out-of-bounds write issue that could result in arbitrary code execution in the context of the current user. To exploit this vulnerability, a victim must open a malicious file, indicating that user interaction is required.
- Vendor
- Adobe
- Product
- Substance3D - Sampler
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-11
Who should care
Users of Adobe Substance 3D Sampler versions 6.0.0 and earlier should apply the necessary patches to prevent potential exploitation.
Technical summary
The vulnerability exists in Substance3D - Sampler versions 6.0.0 and earlier. It is characterized as an out-of-bounds write issue, which can lead to arbitrary code execution. The CVSS vector for this vulnerability is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating Local Attack Vector, Low Attack Complexity, No Privileges required, User Interaction Required, and High impact on Confidentiality, Integrity, and Availability.
Defensive priority
High
Recommended defensive actions
- Apply the patch: Refer to [ref-4](https://helpx.adobe.com/security/products/substance3d-sampler/apsb26-60.html) for mitigation details from Adobe.
Evidence notes
The information provided is based on data from official sources, including the CVE record and NVD details.
Official resources
-
CVE-2026-34710 CVE record
CVE.org
-
CVE-2026-34710 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-34710 was published on 2026-06-09T20:16:39.770Z and modified on 2026-06-11T13:50:23.973Z.