PT-2026-45217 · Assimp · Assimp

Tygls · Published 2026-05-31 · Updated 2026-06-01 · CVE-2026-10200

CVSS v3.1: 5.3 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

Assimp versions prior to 6.0.5

Description

A heap-based buffer overflow exists in the 4x4 Matrix Parser component within the glTFCommon.h library. This issue occurs in the glTFCommon::CopyValue() function and can be triggered by a local attacker through specific manipulation, potentially allowing for arbitrary code execution.

Recommendations

Update to version 6.0.5 or later. As a temporary workaround, restrict the use of the glTFCommon::CopyValue() function in the 4x4 Matrix Parser component.

Exploit · Fix · Buffer Overflow · Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-10200

Affected Products

Assimp