CVE-2023-26390: 
Adobe Substance 3D Stager vulnerability analysis and mitigation

Adobe Substance 3D Stager version 2.0.1 and earlier versions are affected by a Stack-based Buffer Overflow vulnerability. The vulnerability was disclosed on April 11, 2023, and has been assigned CVE-2023-26390. This security flaw affects Adobe Substance 3D Stager software running on both Windows and macOS operating systems (Adobe Advisory).

The vulnerability is classified as a Stack-based Buffer Overflow (CWE-121) and Out-of-bounds Write (CWE-787). It has received a CVSS v3.1 base score of 7.8 (High) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access and user interaction, but no privileges, while potentially impacting confidentiality, integrity, and availability at high levels (Adobe Advisory, NVD).

If successfully exploited, this vulnerability could lead to arbitrary code execution in the context of the current user. The high severity rating indicates significant potential impact on system security, with possible complete compromise of the affected system's confidentiality, integrity, and availability (Adobe Advisory).

Adobe has addressed this vulnerability in newer versions of Substance 3D Stager. Users are advised to update their software to a version newer than 2.0.1 to mitigate this security risk (Adobe Advisory).