Critical
CVE-2025-27779
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in `model_blender.py` lines 20 and 21. `model_fusion_a` and `model_fusion_b` from voice_ble…
Tag: Blender
All CVEs associated with "Blender". Page 1/1 • 39 CVEs.
About “Blender”
A curated feed of “Blender”-related CVEs appears below. We currently track 39 CVEs for this tag (all time). In the last 365 days, 0 were published. Average CVSS is 7.5 (all time), and 82% are rated High/Critical (all time). Top CWEs (all time): CWE-190 - Integer Overflow or Wraparound, CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-59 - Improper Link Resolution Before File Access ('Link Following').
In our taxonomy this topic maps to a LOW impact class. Media and transcoding libraries process untrusted files. Upgrade libraries, sandbox processing, cap resources, and prefer safe defaults. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
Support & lifecycle: blender
This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.
| Cycle | Release | Latest | Premier Support | EOL | LTS |
|---|---|---|---|---|---|
| 5.1 | 5.1.2 | Soon | |||
| 5.0 | 5.0.1 | Expired | |||
| 4.5 | 4.5.10 | LTS | |||
| 4.4 | 4.4.3 | Expired | |||
| 4.3 | 4.3.2 | Expired | |||
| 4.2 | 4.2.21 | Soon | LTS | ||
| 4.1 | 4.1.1 | Expired | |||
| 4.0 | 4.0.2 | Expired | |||
| 3.6 | 3.6.23 | Expired | LTS | ||
| 3.5 | 3.5.1 | Expired | |||
| 3.4 | 3.4.1 | Expired | |||
| 3.3 | 3.3.21 | Expired | LTS | ||
| 3.2 | 3.2.2 | Expired | |||
| 3.1 | 3.1.2 | Expired | |||
| 3.0 | 3.0.1 | Expired | |||
| 2.93 | 2.93.18 | Expired | LTS | ||
| 2.83 | 2.83.20 | Expired | LTS |
Maintained Soon (≤ 180 days) Expired
Subscribe lifecycle: RSS · RSS (expired) · ICS
Subscribe CVEs: RSS for “Blender” · RSS (High+Critical only)
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-03-19
2024-10-21
Medium
CVE-2024-47720
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func This commit adds a null check for the set_…
2022-08-16
High
CVE-2022-2833
Endless Infinite loop in Blender-thumnailing due to logical bugs.
High
CVE-2022-2832
A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.
High
CVE-2022-2831
A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program crash or memory corruption.
2022-02-24
High
CVE-2022-0546
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code ex…
High
CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achi…
Medium
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versio…
2018-04-24
High
CVE-2017-2918
An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting…
High
CVE-2017-2908
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulti…
High
CVE-2017-2907
An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow…
High
CVE-2017-2906
An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow…
High
CVE-2017-2905
An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resul…
High
CVE-2017-2904
An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.hdr' file can cause an integer overflow…
High
CVE-2017-2903
An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resul…
High
CVE-2017-2902
An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resul…
High
CVE-2017-2901
An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.iris' file can cause an integer overflow res…
High
CVE-2017-2900
An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png' file can cause an integer overflow resul…
High
CVE-2017-2899
An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.tif' file can cause an integer overflow resu…
High
CVE-2017-12105
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A specially crafted .blend file can cause an in…
High
CVE-2017-12104
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object. A specially crafted .blend file can cause an integer overflow resultin…
High
CVE-2017-12103
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve. A specially crafted .blend file can cause an int…
High
CVE-2017-12102
An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resu…
High
CVE-2017-12101
An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an intege…
High
CVE-2017-12100
An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow r…
High
CVE-2017-12099
An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer ov…
High
CVE-2017-12086
An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite. A specially crafted .blend file can cause an integer overflo…
High
CVE-2017-12082
An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite. A .blend file with a specially crafted external data file can cause…
High
CVE-2017-12081
An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow res…
2014-04-27
Low
CVE-2010-5105
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue mi…
2013-11-22
Medium
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-adm…
2009-11-06
Critical
CVE-2009-3850
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.
2008-11-01
Medium
CVE-2008-4863
Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an errone…
2008-04-28
Medium
CVE-2008-1103
Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."
2008-04-22
Medium
CVE-2008-1102
Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image.
2007-03-03
Critical
CVE-2007-1253
Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by…
2005-12-22
High
CVE-2005-4470
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly exec…
2005-10-24
High
CVE-2005-3302
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
2005-10-05
High
CVE-2005-3151
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.