Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-uyh4-2mcj-m3a5
Vulnerability ID VCID-uyh4-2mcj-m3a5
Aliases CVE-2005-4470
Summary Blender is vulnerable to a buffer overflow that may be exploited by attackers to execute arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
epss 0.05971 https://api.first.org/data/v1/epss?cve=CVE-2005-4470
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2005-4470
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2005-4470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4470
http://secunia.com/advisories/18176
http://secunia.com/advisories/18178
http://secunia.com/advisories/18452
http://secunia.com/advisories/19754
http://www.debian.org/security/2006/dsa-1039
http://www.gentoo.org/security/en/glsa/glsa-200601-08.xml
http://www.overflow.pl/adv/blenderinteger.txt
http://www.securityfocus.com/archive/1/419907/100/0/threaded
http://www.securityfocus.com/bid/15981
http://www.vupen.com/english/advisories/2005/3032
344398 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344398
cpe:2.3:a:blender:blenloader:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:*:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.0:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.04:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.25:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.26:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.27:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.28:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.28a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.28a:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.28c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.28c:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.30:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.31a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.31a:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.32:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.33:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.33a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.33a:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.34:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.35:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.37:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.37a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.37a:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.39:*:*:*:*:*:*:*
cpe:2.3:a:blender:blenloader:2.40_alpha:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blender:blenloader:2.40_alpha:*:*:*:*:*:*:*
CVE-2005-4470 https://nvd.nist.gov/vuln/detail/CVE-2005-4470
GLSA-200601-08 https://security.gentoo.org/glsa/200601-08
USN-238-2 https://usn.ubuntu.com/238-2/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-4470
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.90615
EPSS Score 0.05971
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:12:01.219202+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200601-08 38.0.0