CVE-2026-10198: Assimp glTF Importer Null Pointer Dereference DoS Vulnerability
Assimp, a popular open-source 3D model import library, contains a flaw in its glTF file import handler that can cause the application to crash. The vulnerability stems from improper handling of certain glTF mesh data, leading to a null pointer dereference when the ImportMeshes function processes malformed or specially crafted files. An attacker with local access to a system running a vulnerable version of Assimp could trigger this crash, resulting in denial of service. The issue affects Assimp versions up to and including 6.0.4.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 3.3 LOW · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- Weaknesses (CWE)
- CWE-404, CWE-476
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-05-31 / 2026-06-17
NVD description (verbatim)
A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component glTFImporter. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been published and may be used. The project tagged the reported issue as bug.
7 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-10198 is a null pointer dereference vulnerability in the glTFImporter component of Assimp. The flaw resides in the Assimp::glTFImporter::ImportMeshes function within glTFImporter.cpp. When processing glTF model files, the function fails to validate certain mesh properties before dereferencing pointers, allowing a malformed glTF file to trigger an unhandled null pointer exception. This vulnerability is classified under CWE-404 (Improper Resource Validation) and CWE-476 (Null Pointer Dereference). The attack vector is local only, requiring the attacker to have execution privileges on the target system and the ability to cause the vulnerable code path to execute—typically by inducing an application to load a crafted glTF model file.
Business impact
Organizations using Assimp or applications that depend on it (such as 3D modeling tools, game engines, CAD software, or visualization platforms) face potential service disruption. While the vulnerability does not permit remote code execution or data exfiltration, repeated crashes triggered by malicious model files could degrade availability and user experience. In environments where model processing is automated or critical to workflow—such as batch rendering or asset pipelines—attackers could cause work stoppation. The low severity score reflects the local-only attack vector and absence of confidentiality or integrity impact, but the ease of triggering the crash warrants prompt remediation.
Affected systems
Assimp versions up to 6.0.4 are confirmed vulnerable. Any application or service that links against or embeds a vulnerable version of Assimp and processes untrusted glTF files is at risk. This includes 3D editors, game development frameworks, scientific visualization tools, and cloud-based asset processing pipelines. Organizations should inventory their use of Assimp—both as a direct dependency and as a transitive dependency—and cross-reference version information against the 6.0.4 cutoff.
Exploitability
Exploitation requires local code execution and the ability to trigger import of a malicious glTF file. A published proof-of-concept exists, lowering the technical barrier for attackers or researchers. However, the local-only restriction and prerequisite of already having execution context on the target system limits real-world exploitation scope. Insider threats, supply-chain scenarios (e.g., malicious model files distributed via asset repositories), and local privilege escalation chains are the most realistic attack scenarios. The crash itself is reliable and trivial to trigger once a suitable glTF payload is crafted.
Remediation
Upgrade Assimp to a patched version released after the publication date of June 17, 2026. Verify against the official Assimp project repository and release notes for the exact version number that addresses this flaw. In the interim, mitigate by restricting the import of glTF files to trusted sources only, validating file provenance, and limiting local user access to systems running Assimp. If feasible, isolate model processing to sandboxed or containerized environments to contain crash impacts.
Patch guidance
Monitor the Assimp project's official GitHub repository and release announcements for a patch version that addresses CVE-2026-10198. Once a patched release is available, prioritize upgrading all instances of the library across your infrastructure. For applications statically linked to Assimp, recompilation and redeployment will be necessary. For dynamically linked deployments, update the shared library and restart dependent services. Test the patched version in a staging environment with a sample of your real-world glTF models to ensure compatibility before production rollout.
Detection guidance
Monitor system and application logs for repeated segmentation faults or null pointer exceptions originating from Assimp's glTFImporter component. Alert on sudden crashes in processes that handle 3D model import, particularly if preceded by loading of untrusted or unexpected glTF files. If available, enable debug logging in Assimp to capture the call stack and file path information. Forensic analysis of crash dumps can confirm null pointer dereference in the ImportMeshes function. File integrity monitoring on asset repositories can flag introduction of suspicious or malformed glTF files. Network-based detection of malicious glTF files is limited; focus defenses on input validation at the application layer.
Why prioritize this
Although assigned a low CVSS score (3.3) reflecting restricted attack vectors and limited impact scope, this vulnerability merits timely remediation because: (1) a public exploit exists, eliminating the need for exploit development; (2) the trigger is trivial and does not require user interaction beyond opening a file; (3) organizations relying on Assimp for automated or mission-critical workflows face operational risk; and (4) glTF is an increasingly common 3D asset format, raising the likelihood of exposure. Prioritize patching in environments where untrusted models are processed or where Assimp is exposed to user-supplied content.
Risk score, explained
The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) yields a score of 3.3 (LOW). The score reflects: local attack vector only (AV:L), low attack complexity (AC:L), requirement for low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), no confidentiality impact (C:N), no integrity impact (I:N), and low availability impact (A:L). The denial of service is confined to the targeted process and does not escalate or cascade. Risk is elevated in contexts where model processing is continuous or critical, but the base metric appropriately reflects the constrained attack surface and shallow impact.
Frequently asked questions
Does this vulnerability allow remote code execution?
No. The vulnerability is confined to null pointer dereference, which causes a crash (denial of service) but does not enable arbitrary code execution. The attack vector is local only, requiring the attacker to have execution context on the target system.
Which applications and libraries depend on Assimp, and should I be concerned?
Assimp is widely used in 3D graphics, game development, and scientific visualization. Common dependents include game engines, 3D modeling software, and cloud-based rendering platforms. Review your software bill of materials (SBOM) to identify Assimp as a direct or transitive dependency. Consult vendor advisories for applications you use that bundle Assimp.
Is there a workaround if I cannot upgrade immediately?
Yes. Restrict import of glTF files to trusted sources only, validate file provenance, and implement application-level input validation if possible. Isolate model processing to sandboxed or containerized environments to limit the blast radius of a crash. However, these are temporary mitigations; patching is the permanent solution.
How do I know if my Assimp installation is vulnerable?
Check the version of Assimp installed on your system or linked into your applications. Versions up to and including 6.0.4 are vulnerable. Use package managers, application settings, or the Assimp library's version API to confirm your installed version. Consult the Assimp project's official release notes to identify the first patched version.
This analysis is provided for informational purposes. SEC.co does not assume liability for the accuracy, completeness, or applicability of this information. Verify all technical details, patch version numbers, and remediation steps against official vendor advisories and your own testing before deploying patches or changes to production systems. The presence of a public exploit does not guarantee successful exploitation in your environment. Consult your incident response and change management procedures before making production updates. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10197LOWAssimp glTF2 Null Pointer Dereference Denial of Service
- CVE-2026-10199LOWAssimp Null Pointer Dereference in glTF2 Parsing
- CVE-2026-10298LOWwhisper.cpp Null Pointer Dereference Vulnerability – Local Denial of Service
- CVE-2026-10201LOWAssimp FBX Divide-by-Zero Denial of Service
- CVE-2026-10295LOWDenial of Service in SourceCodester Customer Review App 1.0
- CVE-2026-10705LOWDask HyperLogLog Resource Exhaustion Vulnerability
- CVE-2026-10775LOWSGLang Cache Handler Denial-of-Service Vulnerability (v0.5.11)
- CVE-2025-59604HIGHQualcomm Snapdragon Memory Corruption Vulnerability – HIGH Severity