๐Ÿ” CVE Alert

CVE-2026-60103

MEDIUM 6.1

Blender 3.0.0 - 5.1.2 Out-of-Bounds Read via crafted .blend SDNA block

CVSS Score
6.1
EPSS Score
0.1%
EPSS Percentile
2th

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short member_index value in the SDNA block. The member_index field is used as an array index into the sdna->members[] array in sdna_expand_names() without bounds validation, allowing any value outside the allocated range to produce an invalid pointer subsequently passed to strlen(), resulting in a SIGSEGV crash or unintended heap memory disclosure.

CWE CWE-125
Vendor blender
Product blender
Published Jul 13, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for blender blender

Be the first to know when new medium vulnerabilities affecting blender blender are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High

Affected Versions

blender / blender
3.0.0 โ‰ค 5.1.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
projects.blender.org: https://projects.blender.org/blender/blender/pulls/161273 projects.blender.org: https://projects.blender.org/blender/blender/commit/968972a918b5ed2d534295b639c54449d7de11cd vulncheck.com: https://www.vulncheck.com/advisories/blender-out-of-bounds-read-via-crafted-blend-sdna-block

Credits

Saad ELHARAJ VulnCheck