CVE-2026-10789 – MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop

​CVE ID :CVE-2026-10789

Published : June 22, 2026, 5:15 p.m. | 2 hours, 2 minutes ago

Description :A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current user.

Severity: 9.6 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… To Read More Visit Read More