VYPR

Assimp

by Assimp

Source repositories

CVEs (62)

  • CVE-2025-70067CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.00

    Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length…

  • CVE-2025-70069HigMay 4, 2026
    risk 0.42cvss 7.5epss 0.00

    An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method

  • CVE-2025-70072MedMay 4, 2026
    risk 0.35cvss 6.5epss 0.00

    An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components

  • CVE-2025-70070MedMay 4, 2026
    risk 0.35cvss 6.5epss 0.00

    An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()

  • CVE-2025-15538MedJan 18, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free.…

  • CVE-2025-11277MedOct 5, 2025
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched…

  • CVE-2025-11275MedOct 5, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. Such manipulation leads to heap-based…

  • CVE-2025-6120MedJun 16, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow.…

  • CVE-2025-6119MedJun 16, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the function Assimp::BVHLoader::ReadNodeChannels in the library assimp/code/AssetLib/BVH/BVHLoader.cpp. The manipulation of the argument pNode leads to use after…

  • CVE-2025-3549MedApr 14, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to…

  • CVE-2025-3196MedApr 4, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the…

  • CVE-2025-70071MedMay 4, 2026
    risk 0.31cvss 5.9epss 0.00

    An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()

  • CVE-2026-10232MedJun 1, 2026
    risk 0.27cvss 5.3epss 0.00

    A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit…

  • CVE-2026-10231MedJun 1, 2026
    risk 0.27cvss 5.3epss 0.00

    A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extract_anim_value of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow.…

  • CVE-2026-10230MedJun 1, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be…

  • CVE-2026-10229MedJun 1, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The…

  • CVE-2026-10200MedMay 31, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position.…

  • CVE-2025-3548MedApr 14, 2025
    risk 0.27cvss 5.3epss 0.00

    A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer…

  • CVE-2025-11274LowOct 5, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The…

  • CVE-2026-10233LowJun 1, 2026
    risk 0.14cvss 3.3epss 0.00

    A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read.…

Page 1 of 4