CVE-2026-10200: Assimp 6.0.4 Heap Buffer Overflow in glTF Matrix Parser
Assimp, a popular open-source 3D model import library, contains a heap-based buffer overflow vulnerability in its glTF file format parser. An attacker with local access to a system can craft a malicious glTF file with a specially crafted 4x4 matrix to overflow memory and trigger a crash, information disclosure, or potential code execution. The vulnerability affects Assimp versions up to 6.0.4 and has been publicly disclosed.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.3 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Weaknesses (CWE)
- CWE-119, CWE-122
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-05-31 / 2026-06-17
NVD description (verbatim)
A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The project tagged the reported issue as bug.
7 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-10200 exists in the glTFCommon::CopyValue function within glTFCommon.h, which handles parsing of 4x4 matrices in glTF model files. The vulnerability is classified as a heap-based buffer overflow (CWE-119, CWE-122) resulting from improper bounds checking during matrix value copying operations. The flaw allows a local attacker to write beyond allocated heap memory by providing a specially crafted glTF file, potentially corrupting heap structures and enabling further exploitation.
Business impact
This vulnerability primarily affects organizations and individuals using Assimp for 3D model processing in applications such as game engines, CAD software, 3D visualization tools, and asset pipelines. While exploitation requires local access, the public nature of the exploit means any organization relying on Assimp 6.0.4 or earlier faces real risk. Potential impacts include denial of service through application crashes, data exfiltration from the process memory space, or, in more sophisticated scenarios, privilege escalation or arbitrary code execution depending on the application's context and privileges.
Affected systems
Assimp versions up to and including 6.0.4 are affected. The vulnerability resides in the glTF parsing component, so any application embedding or depending on vulnerable Assimp versions that processes untrusted or user-supplied glTF files is at risk. This includes game development frameworks, 3D modeling software, web services that accept 3D model uploads, and any tool in a content creation pipeline that uses Assimp for model import.
Exploitability
The vulnerability has a CVSS v3.1 score of 5.3 (MEDIUM) with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, indicating that exploitation requires local access (AV:L) and a user account with low privileges (PR:L). No user interaction is needed (UI:N). While not remotely exploitable without additional attack vectors, the public availability of exploit code significantly lowers the barrier to weaponization for any attacker with local system access or the ability to place files on an affected system.
Remediation
Immediately upgrade Assimp to a patched version after 6.0.4; verify the latest stable release on the Assimp GitHub repository. For applications embedding Assimp, coordinate with your build and dependency management systems to pull the updated library version. If immediate patching is not feasible, implement input validation to reject suspicious glTF files and restrict file processing to trusted sources only. Reduce local access surface area by enforcing principle of least privilege and monitoring for suspicious file uploads or local file placement.
Patch guidance
Update Assimp to a version newer than 6.0.4. Verify the exact patched version in the official Assimp repository releases or security advisories. For applications with Assimp as a dependency, check your package manager (pip, npm, vcpkg, etc.) for the latest available version and perform regression testing after update. If your application vendors Assimp, rebuild and redeploy with the patched library version.
Detection guidance
Monitor for crafted glTF files with unusual or oversized 4x4 matrix data entering your processing pipelines. Look for application crashes or unexpected memory behavior when processing glTF files from untrusted sources. Implement file integrity monitoring and logging around glTF file ingestion. On systems where Assimp runs, monitor for heap corruption signatures and unusual process terminations related to 3D model processing tools.
Why prioritize this
Although the CVSS score of 5.3 is moderate, prioritize patching because: (1) the vulnerability has public exploit code available, significantly reducing exploitation difficulty; (2) Assimp is widely used in asset pipelines and creative workflows where untrusted files may be processed; (3) even though local access is required, insider threats and compromised user accounts are common attack vectors; (4) any remote file upload feature serving glTF models could expose your infrastructure if combined with other vulnerabilities.
Risk score, explained
The CVSS score of 5.3 reflects a local-only attack vector and low-privilege requirement, which constrains the immediate threat. However, the publication of exploit code elevates practical risk significantly. The LOW impact on confidentiality, integrity, and availability (each marked 'L') suggests bounded but real harm per successful exploit. Organizations should weight the moderate score against their specific exposure: if you process untrusted glTF files or operate multi-user systems, effective risk is higher than the CVSS number alone suggests.
Frequently asked questions
Do I need to patch immediately if I use Assimp only internally and don't process user-supplied files?
Your risk is substantially lower, but not zero. If your glTF files come from a controlled, internal pipeline only, you can plan patching as part of your regular maintenance cycle. However, if your organization ever processes 3D content from external sources—contractors, vendors, or marketplaces—upgrade promptly. Additionally, insider threats or a compromised developer account could introduce malicious files into your internal pipeline.
What Assimp versions should I target after upgrading from 6.0.4?
Consult the official Assimp GitHub repository releases page and any published security advisory to identify the first patched version after 6.0.4. Verify that the version you select includes a fix for CVE-2026-10200 before deploying to production. Test thoroughly with your application's test suite to ensure no regressions.
Can this vulnerability be exploited remotely if Assimp is used in a web service?
The vulnerability itself is local-only by design (AV:L). However, if a web service accepts file uploads and processes them with vulnerable Assimp on the backend, an attacker can upload a malicious glTF file remotely to trigger the local vulnerability. In that scenario, the impact is limited to the service process running Assimp, but could cause service outage or information leakage from that process's memory.
How do I know if my application depends on Assimp?
Check your project's dependency manifests: package.json (npm), requirements.txt (pip), vcpkg.json, conanfile.py, or CMakeLists.txt. Search your source code for #include <assimp/> or imports from assimp. If you integrate a game engine or 3D library, consult its documentation—many engines ship Assimp internally or offer it as an optional module. If unsure, contact your software vendor or library maintainer.
This analysis is provided for informational purposes to support security decision-making. CVSS scores and technical details reflect the published CVE record as of the analysis date. Actual risk and exploitability vary by deployment context, application architecture, and file sourcing practices. Verify patch availability and compatibility with your specific Assimp version and application before deploying any update. No representation is made about future vulnerability status or undisclosed variants. Organizations should conduct their own threat modeling, risk assessment, and testing before and after any remediation. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10194MEDIUMOFFIS DCMTK Heap Buffer Overflow in Query/Retrieve Service
- CVE-2026-10229MEDIUMAssimp Half-Life MDL Loader Heap Buffer Overflow
- CVE-2026-10230MEDIUMAssimp Half-Life MDL Loader Heap Buffer Overflow Vulnerability
- CVE-2026-10231MEDIUMAssimp Heap Buffer Overflow in HL1 MDL Loader
- CVE-2025-55664MEDIUMGPAC MP4Box Heap Buffer Overflow DoS Vulnerability
- CVE-2026-10064MEDIUMTRENDnet TEW-432BRP Stack Overflow – Unpatched EOL Router Vulnerability
- CVE-2026-10114MEDIUMOpen5GS Out-of-Bounds Write in NF Profile Parser
- CVE-2026-10232MEDIUMAssimp Use-After-Free in ASE Parser (CVSS 5.3)