PT-2026-45215

Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A null pointer dereference occurs in the glTFImporter component within the Assimp::glTFImporter::ImportMeshes function of the glTFImporter.cpp file. This issue allows for local execution attacks...

cgltf 安全漏洞

CGLTF is a library developed by Johannes Kuhlmann from Germany, used for loading and processing GLTF 3D model formats. Versions of CGLTF prior to 1.15 contained security vulnerabilities. These vulnerabilities stemmed from integer overflows in the cgltfvalidate function during the validation of...

CVE-2025-57108

Kitware VTK Visualization Toolkit contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files with corrupte...

EUVD-2025-37360

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files...

EUVD-2025-37361

Kitware VTK Visualization Toolkit through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK 9.5.0 and earlier versions, which stems from a heap-release-after-reuse issue in the vtkGLTFDocumentLoader when processing GLTF files, which could lead to memory corruption...

PT-2025-44635

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions prior to 9.5.1 Description Kitware VTK Visualization Toolkit versions up to 9.5.0 have a buffer overflow issue in the vtkGLTFDocumentLoader component. This occurs within the BufferDataExtractionWorker...

CVE-2025-57106

CVE-2025-57106 affects Kitware VTK up to 9.5.0, where a buffer overflow can occur in vtkGLTFDocumentLoader during GLTF accessor data processing in the BufferDataExtractionWorker template function. Red Hat and ENISA EUVD entries corroborate the same root cause and impact (buffer overflow). The CVE...

PT-2025-44636

Name of the Vulnerable Software and Affected Versions Kitware VTK Visualization Toolkit versions through 9.5.0 Description The software contains a heap buffer overflow issue within the vtkGLTFDocumentLoader. This occurs when processing specifically designed GLTF files, where the copy constructor ...

Kitware VTK 安全漏洞

Kitware VTK is a 3D image generation software from Kitware open source. A security vulnerability exists in Kitware VTK version 9.5.0, which stems from heap-release reuse when processing GLTF files, and could lead to accessing freed string members...

EUVD-2024-53161

Malicious code in bioql PyPI...

PT-2025-3300 · Unknown · 3D Engine Module

Name of the Vulnerable Software and Affected Versions: 3D engine module affected versions not specified Description: The issue concerns the vulnerability of input parameters not being verified during the loading of glTF models in the 3D engine module. Successful exploitation of this vulnerability...