CVE-2026-1288

MEDIUM NVD

CVSS Score 5.5

Severity MEDIUM

Published Jun 17, 2026

Vendor unknown

Description

A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition.

References

https://www.autodesk.com/products/autodesk-access/overview
https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0007