18 matches found
OESA-2026-2560 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was detected in Assi...
CVE-2026-10197
A flaw was found in Assimp. A local user with access to the system could exploit a null pointer dereference vulnerability in the glTF2Importer::ImportEmbeddedTextures function. This flaw could lead to a Denial of Service DoS, making the application unavailable. Mitigation Users should avoid...
CVE-2026-10199
A flaw was found in Assimp. A local attacker could trigger a null pointer dereference by manipulating an argument in the glTF2::LazyDict function. This vulnerability, located in the glTF2Asset.h library, could lead to an application crash, resulting in a denial of service DoS. Mitigation Mitigati...
SUSE CVE-2026-10197
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...
EUVD-2026-33519
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...
EUVD-2026-33521
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
CVE-2026-10199
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
DEBIAN-CVE-2026-10199
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the glTF2::LazyDict function in glTF2Asset.h. An attacker can cause a denial of service by manipulating the argument to the operator. Remediation A fix was pushed into the master branch but not yet published...
UBUNTU-CVE-2026-10199
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
CVE-2026-10199
CVE-2026-10199 affects Assimp up to 6.0.4 in glTF2Asset.h: the glTF2::LazyDict function exposed by operator[] manipulation can cause a null pointer dereference. The issue is exploitable locally, with a proof-of-concept in the public domain. A patch is available (patch hash d24b85319bd70c65883a2b9...
CVE-2026-10199
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
CVE-2026-10199
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the...
CVE-2026-10197 Assimp TF File glTF2Importer.cpp ImportEmbeddedTextures null pointer dereference
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...
CVE-2026-10197
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...
CVE-2026-10197
Technical details are not publicly available in the provided documents; monitor for updates as more specifics (affected components, impact, fixes) may be released.
PT-2026-45214
Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A null pointer dereference occurs in the TF File Handler component within the glTF2Importer::ImportEmbeddedTextures function located in the code/AssetLib/glTF2/glTF2Importer.cpp library file. This iss...
PT-2026-45216
Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A null pointer dereference occurs in the glTF2::LazyDict function within the glTF2Asset.h library. This issue is triggered by the manipulation of the operator argument and requires local access to be...