{"api_version":"1","generated_at":"2026-06-03T06:13:02+00:00","cve":"CVE-2026-7858","urls":{"html":"https://cve.report/CVE-2026-7858","api":"https://cve.report/api/cve/CVE-2026-7858.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-7858","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-7858"},"summary":{"title":"Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x","description":"A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution.","state":"PUBLISHED","assigner":"3DS","published_at":"2026-06-01 09:16:20","updated_at":"2026-06-01 17:57:39"},"problem_types":["CWE-502","CWE-502 CWE-502 Deserialization of Untrusted Data"],"metrics":[{"version":"3.1","source":"3DS.Information-Security@3ds.com","type":"Secondary","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://www.3ds.com/trust-center/security/security-advisories/cve-2026-7858","name":"https://www.3ds.com/trust-center/security/security-advisories/cve-2026-7858","refsource":"3DS.Information-Security@3ds.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-7858","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7858","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Standard Edition","version":"affected No Magic Release 2022x Golden No Magic Release 2022x Refresh2 HF3 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Standard Edition","version":"affected No Magic Release 2024x Golden No Magic Release 2024x Refresh3 HF1 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Standard Edition","version":"affected No Magic Release 2026x Golden No Magic Release 2026x Golden HF2 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Edition","version":"affected No Magic Release 2022x Golden No Magic Release 2022x Refresh2 HF3 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Edition","version":"affected No Magic Release 2024x Golden No Magic Release 2024x Refresh3 HF1 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Edition","version":"affected No Magic Release 2026x Golden No Magic Release 2026x Golden HF2 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Pro Edition","version":"affected No Magic Release 2022x Golden No Magic Release 2022x Refresh2 HF3 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Pro Edition","version":"affected No Magic Release 2024x Golden No Magic Release 2024x Refresh3 HF1 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Business Pro Edition","version":"affected No Magic Release 2026x Golden No Magic Release 2026x Golden HF2 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Enterprise Edition","version":"affected No Magic Release 2022x Golden No Magic Release 2022x Refresh2 HF3 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Enterprise Edition","version":"affected No Magic Release 2024x Golden No Magic Release 2024x Refresh3 HF1 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Teamwork Cloud - Enterprise Edition","version":"affected No Magic Release 2026x Golden No Magic Release 2026x Golden HF2 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Magic Collaboration Studio","version":"affected CATIA Magic Release 2022x Golden CATIA Magic Release 2022x Refresh2 HF3 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Magic Collaboration Studio","version":"affected CATIA Magic Release 2024x Golden CATIA Magic Release 2024x Refresh3 HF1 custom","platforms":[]},{"source":"CNA","vendor":"Dassault Systèmes","product":"Magic Collaboration Studio","version":"affected CATIA Magic Release 2026x Golden CATIA Magic Release 2026x Golden HF2 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Tyler Harkness","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"7858","cve":"CVE-2026-7858","epss":"0.003430000","percentile":"0.571680000","score_date":"2026-06-02","updated_at":"2026-06-03 00:08:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-7858","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-06-01T13:10:19.818378Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-06-01T13:10:31.858Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Teamwork Cloud - Standard Edition","vendor":"Dassault Systèmes","versions":[{"lessThanOrEqual":"No Magic Release 2022x Refresh2 HF3","status":"affected","version":"No Magic Release 2022x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2024x Refresh3 HF1","status":"affected","version":"No Magic Release 2024x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2026x Golden HF2","status":"affected","version":"No Magic Release 2026x Golden","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Teamwork Cloud - Business Edition","vendor":"Dassault Systèmes","versions":[{"lessThanOrEqual":"No Magic Release 2022x Refresh2 HF3","status":"affected","version":"No Magic Release 2022x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2024x Refresh3 HF1","status":"affected","version":"No Magic Release 2024x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2026x Golden HF2","status":"affected","version":"No Magic Release 2026x Golden","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Teamwork Cloud - Business Pro Edition","vendor":"Dassault Systèmes","versions":[{"lessThanOrEqual":"No Magic Release 2022x Refresh2 HF3","status":"affected","version":"No Magic Release 2022x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2024x Refresh3 HF1","status":"affected","version":"No Magic Release 2024x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2026x Golden HF2","status":"affected","version":"No Magic Release 2026x Golden","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Teamwork Cloud - Enterprise Edition","vendor":"Dassault Systèmes","versions":[{"lessThanOrEqual":"No Magic Release 2022x Refresh2 HF3","status":"affected","version":"No Magic Release 2022x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2024x Refresh3 HF1","status":"affected","version":"No Magic Release 2024x Golden","versionType":"custom"},{"lessThanOrEqual":"No Magic Release 2026x Golden HF2","status":"affected","version":"No Magic Release 2026x Golden","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Magic Collaboration Studio","vendor":"Dassault Systèmes","versions":[{"lessThanOrEqual":"CATIA Magic Release 2022x Refresh2 HF3","status":"affected","version":"CATIA Magic Release 2022x Golden","versionType":"custom"},{"lessThanOrEqual":"CATIA Magic Release 2024x Refresh3 HF1","status":"affected","version":"CATIA Magic Release 2024x Golden","versionType":"custom"},{"lessThanOrEqual":"CATIA Magic Release 2026x Golden HF2","status":"affected","version":"CATIA Magic Release 2026x Golden","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","user":"00000000-0000-4000-9000-000000000000","value":"Tyler Harkness"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution."}],"value":"A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-01T07:45:34.201Z","orgId":"f5a594e6-46a7-4e60-8a08-0a786e70e433","shortName":"3DS"},"references":[{"url":"https://www.3ds.com/trust-center/security/security-advisories/cve-2026-7858"}],"source":{"discovery":"EXTERNAL"},"title":"Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x","x_generator":{"engine":"Vulnogram 0.1.0-dev"}}},"cveMetadata":{"assignerOrgId":"f5a594e6-46a7-4e60-8a08-0a786e70e433","assignerShortName":"3DS","cveId":"CVE-2026-7858","datePublished":"2026-06-01T07:45:34.201Z","dateReserved":"2026-05-05T11:42:41.151Z","dateUpdated":"2026-06-01T13:10:31.858Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-01 09:16:20","lastModifiedDate":"2026-06-01 17:57:39","problem_types":["CWE-502","CWE-502 CWE-502 Deserialization of Untrusted Data"],"metrics":{"cvssMetricV31":[{"source":"3DS.Information-Security@3ds.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"7858","Ordinal":"1","Title":"Deserialization of Untrusted Data vulnerability affecting Teamwo","CVE":"CVE-2026-7858","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"7858","Ordinal":"1","NoteData":"A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code execution.","Type":"Description","Title":"Deserialization of Untrusted Data vulnerability affecting Teamwo"}]}}}