← Voltar para CVEs
CVE-2025-15538
MEDIUM5.3
Descricao
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
Detalhes CVE
Pontuacao CVSS v3.15.3
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado1/18/2026
Ultima modificacao2/10/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
assimp:assimp
Fraquezas (CWE)
CWE-119CWE-416CWE-416
Referencias
https://github.com/assimp/assimp/issues/6258(cna@vuldb.com)
https://vuldb.com/?ctiid.341727(cna@vuldb.com)
https://vuldb.com/?id.341727(cna@vuldb.com)
https://vuldb.com/?submit.735232(cna@vuldb.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.