CVE-2023-25007

A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.