CVE-2025-15666 | Open Asset Import Library Assimp up to 5.4.3 Model File SceneCombiner.cpp Copy width/height heap-based overflow (Issue 6079)

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability labeled as problematic has been found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow.

This vulnerability is traded as CVE-2025-15666. An attack has to be approached locally. Furthermore, there is an exploit available.

This and similar defects are tracked and handled via issue #6128.

CVE-2025-15666 | Open Asset Import Library Assimp up to 5.4.3 Model File SceneCombiner.cpp Copy width/height heap-based overflow (Issue 6079)

Post correlati

CVE-2018-9472 | Google Android 7/8/8.1 xmlmemory.c xmlMemStrdupLoc out-of-bounds write

CVE-2026-1154 | SourceCodester E-Learning System 1.0 Lesson index.php Title/Description cross site scripting

CVE-2026-49842 | signalwire FreeSWITCH up to 1.11.0 WebSocket Frame atoi resource consumption (GHSA-p3gx-p2w7-wp35)

CVE-2024-10245 | Relais 2FA Plugin up to 1.0 on WordPress improper authentication