Browse all 30 CVE security advisories affecting AcademySoftwareFoundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Academy Software Foundation serves as a neutral home for open-source projects supporting the visual effects, animation, and media industries. Its portfolio includes critical tools like OpenColorIO and OpenUSD, which facilitate data interchange and rendering workflows across major studios. Historically, vulnerabilities within these ecosystems have predominantly involved remote code execution and cross-site scripting, often stemming from complex input parsing in image processing libraries. While the foundation itself does not develop software, it oversees governance for member projects, meaning security incidents typically reflect the underlying codebases rather than the foundation’s infrastructure. Notable incidents have included privilege escalation flaws in plugin architectures, highlighting risks in extensible systems. With 27 recorded CVEs, the foundation emphasizes collaborative security audits and standardized testing protocols to mitigate risks inherent in high-precision visual computing environments, ensuring stability for global production pipelines without adopting aggressive marketing narratives.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-53012 | MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion — MaterialXCWE-400 | 7.5 | - | 2025-08-01 |
| CVE-2025-53011 | MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput — MaterialXCWE-476 | 5.5 | - | 2025-08-01 |
| CVE-2025-53010 | MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference — MaterialXCWE-476 | 5.5 | - | 2025-08-01 |
| CVE-2025-53009 | MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit — MaterialXCWE-121 | 5.5 | - | 2025-08-01 |
This page lists every published CVE security advisory associated with AcademySoftwareFoundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.