Unknown · Open Asset Import Library · CVE-2025-15538
**Name of the Vulnerable Software and Affected Versions**
Open Asset Import Library Assimp versions up to 6.0.2
**Description**
A security issue exists in Open Asset Import Library Assimp. The `Assimp::LWOImporter::FindUVChannels` function within the `/src/assimp/code/AssetLib/LWO/LWOMaterial.cpp` file is susceptible to a use after free condition. This manipulation requires local access to perform the attack. The details of the issue are tracked as issue #6128 and the exploit has been publicly disclosed.
**Recommendations**
Versions prior to 6.0.2 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.