MGASA-2026-0170 Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

EUVD-2026-33565

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

EUVD-2026-33520

A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component glTFImporter. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit ha...

JLSEC-2026-186

Open Asset Import Library assimp commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes...

JLSEC-2026-195

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump3DGSMDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a...

JLSEC-2026-189

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

JLSEC-2026-194

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function SkipSpaces in the library assimp/include/assimp/ParsingUtils.h. The manipulation leads to out-of-bounds read. Local access is required to approach this...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006186 advisory. A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the librar...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006180)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006180 advisory. A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006193 advisory. A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of t...

Unity Linux 20.1070e Security Update: assimp (UTSA-2026-006192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006192 advisory. A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function...

Medium: qt5-qt3d

Issue Overview: A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp...

OESA-2026-1331 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

OESA-2026-1330 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

OESA-2026-1267 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability, which was classifie...

[SECURITY] Fedora 42 Update: assimp-5.3.1-6.fc42

Assimp, the Open Asset Import Library, is a free library to import various well-known 3D model formats into applications. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems, but is not limited to these applications...

CVE-2025-15538

A flaw was found in Open Asset Import Library Assimp. A local attacker can exploit a use-after-free vulnerability in the Assimp::LWOImporter::FindUVChannels function by manipulating input. This could lead to a limited impact on the confidentiality, integrity, and availability of the affected syst...

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

UBUNTU-CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...

CVE-2025-15538

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to ...