Description
A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator[] leads to null pointer dereference. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The name of the patch is d24b85319bd70c65883a2b96613e07e23fb95981. It is best practice to apply a patch to resolve this issue.
References (9)
Core 9
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-367479 | Assimp glTF2Asset.h LazyDict null pointer dereference
https://vuldb.com/vuln/367479
Signature, Permissions Required signature
permissions-required
VDB-367479 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/367479/cti
Third Party Advisory third-party-advisory
CVE-2026-10199 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-10199
Third Party Advisory third-party-advisory
Submit #821179 | Assimp commit 17c12da NULL Pointer Dereference
https://vuldb.com/submit/821179
Issue Tracking issue-tracking
https://github.com/assimp/assimp/issues/6611
Patch issue-tracking
patch
https://github.com/assimp/assimp/pull/6646
Exploit exploit
https://github.com/user-attachments/files/27194148/poc.zip
Product product
https://github.com/assimp/assimp/
Scores
CVSS v3
3.3
EPSS
0.0012
EPSS Percentile
2.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-404
CWE-476
Status
published
Products (5)
None/Assimp
6.0.0
None/Assimp
6.0.1
None/Assimp
6.0.2
None/Assimp
6.0.3
None/Assimp
6.0.4
Published
May 31, 2026
Tracked Since
Jun 01, 2026