CVE-2026-0662: Untrusted Search Path Vulnerability when opening max Files
Published Feb 4, 2026
·Updated
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.
Affected Software
2 affected components
Autodesk 3ds Max
Autodesk 3ds Max>=2026<2026.3.2
Event History
Feb 4, 2026
CVE Published
via MITRE·04:28 PM
Data Sourced
via MITRE·04:28 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·05:16 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2026-0662?
CVE-2026-0662 has a high severity rating due to its potential for arbitrary code execution.
2
How do I fix CVE-2026-0662?
To fix CVE-2026-0662, ensure that Autodesk 3ds Max is updated to the latest version which contains security patches.
3
What type of vulnerability is CVE-2026-0662?
CVE-2026-0662 is classified as an Untrusted Search Path vulnerability affecting Autodesk 3ds Max.
4
Who is affected by CVE-2026-0662?
Users of Autodesk 3ds Max are potentially affected by CVE-2026-0662 when opening max files from untrusted directories.
5
What can an attacker achieve with CVE-2026-0662?
An attacker could execute arbitrary code in the context of the current process by exploiting CVE-2026-0662.