CVE-2026-10197 | Assimp up to 6.0.4 TF File glTF2Importer.cpp ImportEmbeddedTextures null pointer dereference (Issue 6608)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability was found in Assimp up to 6.0.4 and classified as problematic. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference.

This vulnerability is identified as CVE-2026-10197. The attack is only possible with local access. Additionally, an exploit exists.

It is advisable to implement a patch to correct this issue.

The pull request to fix this issue awaits acceptance.

CVE-2026-10197 | Assimp up to 6.0.4 TF File glTF2Importer.cpp ImportEmbeddedTextures null pointer dereference (Issue 6608)

Post correlati

CVE-2025-24635 | Paytm Payment Donation Plugin up to 2.3.1 on WordPress cross site scripting

CVE-2025-0572 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser path traversal

CVE-2022-44543 | femanager Extension up to 5.5.1/6.3.2/7.0.0 on TYPO3 Frontend User Creation protection mechanism

CVE-2025-13783 | taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 CommentadminController CommentadminController.class.php check/uncheck/delete ids sql injection