This page lists publicly disclosed CVE vulnerabilities affecting prusa3d prusaslicer (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-47268 | In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported. | [email protected] | 5.3 | 0.11% | 2026-05-08 | 2026-05-11 |
| CVE-2022-27438 | Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check. | [email protected] | 8.1 | 12.27% | 2022-06-06 | 2024-11-21 |
| CVE-2020-28594 | A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.67% | 2021-08-17 | 2024-11-21 |
| CVE-2020-28598 | An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.41% | 2021-07-08 | 2024-11-21 |
| CVE-2020-28596 | A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.61% | 2021-02-10 | 2024-11-21 |
| CVE-2020-28595 | An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | [email protected] | 7.8 | 0.36% | 2021-02-10 | 2024-11-21 |