Home » Tags

Autodesk

ZDI-26-106: Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-26-106: Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

• Advisory Details Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ZDI-26-106ZDI-CAN-28417 This vulnerability allows remote attackers

Threat Intelligence · February 18, 2026 (updated February 25, 2026) · 4 min · 684 words
Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing

Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing

• In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. • While fuzzing RFA files, he found the following crash (CVE-2025-5037 / ZDI-CAN