Public CVE-2023-25006 disclosure

A malicious actor may convince a user to open a malicious USD file that may trigger an uninitialized pointer which could result in code execution.