CVE-2026-10197: Assimp glTF2 Null Pointer Dereference Denial of Service
Assimp, a widely-used open-source 3D model import library, contains a flaw in its glTF2 file handler that can cause the application to crash when processing maliciously crafted glTF2 files with embedded textures. An attacker with local file system access can trigger a null pointer dereference by supplying a crafted glTF2 file, leading to denial of service. The vulnerability affects versions up to and including 6.0.4. A fix exists in pending pull request form but has not yet been merged into a stable release.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 3.3 LOW · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- Weaknesses (CWE)
- CWE-404, CWE-476
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-05-31 / 2026-06-17
NVD description (verbatim)
A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. It is advisable to implement a patch to correct this issue. The pull request to fix this issue awaits acceptance.
8 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability resides in the glTF2Importer::ImportEmbeddedTextures function within code/AssetLib/glTF2/glTF2Importer.cpp. During the import process of embedded textures from glTF2 files, the code fails to properly validate or check for null pointer conditions before dereferencing memory. This results in a crash when the function encounters certain malformed texture data structures. The flaw is classified as CWE-404 (Improper Resource Validation) and CWE-476 (Null Pointer Dereference). Exploitation requires local access to the host system and the ability to place or reference a malicious glTF2 file that the Assimp library will process.
Business impact
Applications integrating Assimp for 3D model processing—commonly found in game engines, CAD software, visualization tools, and media applications—face availability risks. An attacker with local access can cause application crashes by providing crafted model files. While this does not enable data theft or code execution, repeated crashes can disrupt workflows, prevent legitimate file processing, or be weaponized in multi-stage attacks. Organizations relying on Assimp-based pipelines should assess whether untrusted or user-supplied glTF2 files are processed in their environment.
Affected systems
Assimp versions up to and including 6.0.4 are vulnerable. Any application or service that embeds Assimp and processes glTF2 files is potentially affected. This includes 3D modeling tools, game development engines using Assimp for asset import, CAD applications, and media processing pipelines. The threat is localized to scenarios where untrusted glTF2 files can be supplied to the system—such as user-uploaded content, file shares accessible to unprivileged users, or collaborative design environments.
Exploitability
Exploitation is straightforward in terms of mechanism: an attacker crafts a malicious glTF2 file and causes it to be processed by vulnerable Assimp code. However, practical exploitability is constrained by the requirement for local file system access—the attacker cannot remotely trigger this vulnerability over a network. Additionally, the attacker must be able to influence which files the application processes. Public knowledge of the flaw exists, increasing the likelihood that proof-of-concept or exploit tooling may emerge. The low CVSS score (3.3) reflects the local-only attack vector and the absence of confidentiality or integrity impact.
Remediation
Organizations should identify applications and services that depend on Assimp and determine their glTF2 processing exposure. Patching is the primary remediation: monitor Assimp's official repository and release channels for version 6.0.5 or later, which should include the fix currently pending in pull request review. Until a patched release is available, mitigations include restricting which users or processes can supply glTF2 files to Assimp-based tools, validating file sources, and isolating glTF2 processing in restricted execution environments. Code-level workarounds may be possible if building Assimp from source and applying the pending patch locally.
Patch guidance
Verify the official Assimp GitHub repository for a stable release incorporating the fix to glTF2Importer::ImportEmbeddedTextures. When available, upgrade all instances of Assimp to the patched version. If building from source, track the merged pull request and compile a version that includes the null pointer check. Test patched versions against your existing glTF2 asset library to ensure compatibility. For organizations using Assimp as a third-party dependency, check your package manager or bundled version and update the consuming application once patches become available.
Detection guidance
Monitor application logs for crashes or segmentation faults originating from Assimp's glTF2Importer. Observe patterns of glTF2 file processing failures correlating with specific file characteristics or sources. File integrity monitoring on directories where glTF2 assets are stored can flag unexpected or malicious additions. In development and testing environments, fuzz glTF2 files to identify additional potential null pointer issues before code reaches production. Security monitoring of file access and process execution can help detect scenarios where untrusted users are supplying files to Assimp-based tools.
Why prioritize this
Although the CVSS score is low, this vulnerability should not be ignored. Public exploit availability, combined with the commonality of Assimp in 3D graphics pipelines, means adversaries have both knowledge and motivation to exploit it. Organizations processing user-supplied or externally sourced glTF2 files should prioritize patching once releases are available. Even for environments with tighter local-access controls, the absence of a stable patch release creates a window of risk that warrants awareness and proactive remediation planning.
Risk score, explained
The CVSS 3.1 score of 3.3 (Low) reflects three key factors: (1) Attack Vector: Local only—the attacker must have file system access to place or reference a malicious file; (2) Attack Complexity: Low—once access is gained, triggering the crash requires minimal effort; (3) Impact: Availability only—the vulnerability causes denial of service (application crash) but does not compromise confidentiality or integrity. The score appropriately downweights the severity given the local-access barrier, but does not eliminate the need for timely remediation, particularly in environments where user-supplied glTF2 files are routine.
Frequently asked questions
Can this vulnerability be exploited remotely over a network?
No. The vulnerability requires local file system access—the attacker must be able to place or cause the application to process a malicious glTF2 file on the host system. Remote exploitation is not possible without an additional vulnerability that grants local access.
What happens when the vulnerability is triggered?
The vulnerable application using Assimp crashes due to a null pointer dereference when processing the crafted glTF2 file. This results in denial of service but does not leak data, corrupt files, or allow code execution. The application must be restarted to resume normal operation.
Which applications are most likely to be affected?
3D graphics software, game development engines, CAD tools, and media processing platforms that integrate Assimp and accept glTF2 input are most at risk. Applications that validate or sandbox untrusted file input before processing are at lower risk.
Is a patch available now?
A pull request containing the fix exists but has not yet been merged into an official stable release. Monitor the official Assimp GitHub repository for version 6.0.5 or later. Once released, upgrade all affected instances promptly.
This analysis is based on publicly available vulnerability data as of the publication date. Patch availability and version numbers should be verified against official vendor advisories and release notes. Organizations should conduct their own risk assessment based on their specific Assimp deployment, file processing workflows, and threat model. This vulnerability is not tracked in the CISA KEV catalog. No exploit code or weaponized proof-of-concept is provided herein. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10198LOWAssimp glTF Importer Null Pointer Dereference DoS Vulnerability
- CVE-2026-10199LOWAssimp Null Pointer Dereference in glTF2 Parsing
- CVE-2026-10298LOWwhisper.cpp Null Pointer Dereference Vulnerability – Local Denial of Service
- CVE-2026-10201LOWAssimp FBX Divide-by-Zero Denial of Service
- CVE-2026-10295LOWDenial of Service in SourceCodester Customer Review App 1.0
- CVE-2026-10705LOWDask HyperLogLog Resource Exhaustion Vulnerability
- CVE-2026-10775LOWSGLang Cache Handler Denial-of-Service Vulnerability (v0.5.11)
- CVE-2025-59604HIGHQualcomm Snapdragon Memory Corruption Vulnerability – HIGH Severity