PT-2025-44637 · Kitware+1 · Vtk+1

Published: 2025-10-31 · Updated: 2025-10-31 · CVE-2025-57108

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Kitware VTK (Visualization Toolkit) versions through 9.5.0

Description

The software contains a heap use-after-free issue in vtkGLTFDocumentLoader. This occurs during mesh object copy operations, where vector members are accessed after the memory has been freed. The issue is triggered when processing GLTF files containing corrupted or invalid mesh reference structures.

Recommendations

Versions prior to 9.5.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2025-57108
PYSEC-2025-226

Affected Products

Debian
Vtk