This page lists publicly disclosed CVE vulnerabilities affecting autodesk autocad (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-8894 | A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.01% | 2025-09-16 | 2025-09-19 |
| CVE-2025-8893 | A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.01% | 2025-09-16 | 2025-09-19 |
| CVE-2025-5048 | A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.06% | 2025-08-15 | 2025-08-20 |
| CVE-2025-5047 | A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.06% | 2025-08-15 | 2025-08-20 |
| CVE-2025-5046 | A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.06% | 2025-08-15 | 2025-08-20 |
| CVE-2025-1276 | A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.14% | 2025-04-15 | 2025-08-19 |
| CVE-2025-1275 | A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.29% | 2025-04-15 | 2025-08-19 |
| CVE-2025-1652 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.38% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1651 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.29% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1650 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.25% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1649 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.34% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1433 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.28% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1432 | A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.29% | 2025-03-13 | 2025-11-13 |
| CVE-2025-1431 | A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.38% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1430 | A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.29% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1429 | A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.29% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1428 | A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.38% | 2025-03-13 | 2025-08-19 |
| CVE-2025-1427 | A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.16% | 2025-03-13 | 2025-08-19 |
| CVE-2024-9997 | A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.53% | 2024-10-29 | 2025-04-04 |
| CVE-2024-9996 | A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | [email protected] | 7.8 | 0.53% | 2024-10-29 | 2025-02-10 |