CVE-2026-10197

Published
View on NVD ↗
CVSS v3
3.3
LOW
CVSS v2
1.7
LOW
Affected
2
PROJECTS

Description

A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. It is advisable to implement a patch to correct this issue. The pull request to fix this issue awaits acceptance.

assimp/assimp
assimp/assimp
The official Open-Asset-Importer-Library Repository. Loads 40+ 3D-file-formats into one unified and clean data structure.
GitHubGitHub
13K
user-attachments/files
user-attachments/filesUNAVAILABLE
upload file to github
GitHubGitHub
3