14/11/2025

ZDI-25-997: Adobe USD-Fileformat-plugins usdGltf Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2025-61842.

Comments are closed.

You may also like

ZDI-25-307: Linux Kernel OpenvSwitch Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-25-759: (Pwn2Own) QNAP TS-464 Log Tool SQL Injection Remote Code Execution Vulnerability