GHSA-fp83-vjxr-x824CriticalCVSS 9.6

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and...

Published
June 22, 2026
Last Modified
June 22, 2026

🔗 CVE IDs covered (1)

📋 Description

A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current user.

🔗 References (5)