CVE-2026-10200

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published May 31, 2026

Vendor unknown

Description

A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The project tagged the reported issue as bug.

References

https://github.com/assimp/assimp/
https://github.com/assimp/assimp/issues/6612
https://github.com/user-attachments/files/27194256/poc.zip
https://vuldb.com/cve/CVE-2026-10200
https://vuldb.com/submit/821180