VYPR

Tinyobjloader

by Kiyochii

Source repositories

CVEs (2)

  • CVE-2026-29628MedApr 13, 2026
    risk 0.33cvss 6.2epss 0.00

    A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.

  • CVE-2020-28589Aug 11, 2021
    risk 0.00cvss epss 0.02

    An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this…