CVE-2026-10094 | THREATINT

Description

A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server.

PUBLISHED Reserved 2026-05-29 | Published 2026-06-17 | Updated 2026-06-17 | Assigner 3DS

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

SOLIDWORKS Desktop Release 2024 SP0 (custom)

affected

SOLIDWORKS Desktop Release 2025 SP0 (custom)

affected

SOLIDWORKS Desktop Release 2026 SP0 (custom)

affected

Credits

Andrea Petreschi finder

References

www.3ds.com/...r/security/security-advisories/cve-2026-10094

cve.org (CVE-2026-10094)

nvd.nist.gov (CVE-2026-10094)

Download JSON