CVE-2025-54205

CWE-125 — Out-of-bounds Read4 documents4 sources

Severity

5.5MEDIUM

EPSS

0.0%

top 92.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Substance 3D Sampler Adobe Substance3d - Sampler

Timeline

PublishedAug 12

Description

Substance3D - Sampler versions 5.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDadobe/substance_3d_sampler< 5.1.0

▶CVEListV5adobe/substance3d_-_sampler5.0.3

🔴Vulnerability Details

CVEList

Substance3D - Sampler | Out-of-bounds Read (CWE-125)↗2025-08-12

▶

GHSA

GHSA-455w-9px7-8rw5: Substance3D - Sampler versions 5↗2025-08-12

▶