| Title | Open Asset Import Library Assimp 6.0.2 Use After Free |
|---|
| Description | A heap-use-after-free vulnerability exists in the LWO file parser of Assimp.
When processing a specially crafted LWO file via the assimp extract command, the application may access freed heap memory in Assimp::LWOImporter::FindUVChannels(), leading to a crash.
This vulnerability can be triggered by user-supplied LWO files and may result in denial of service. |
|---|
| Source | ⚠️ https://github.com/assimp/assimp/issues/6258 |
|---|
| User | sisyphus-w4ng (UID 87937) |
|---|
| Submission | 01/09/2026 11:27 (5 months ago) |
|---|
| Moderation | 01/18/2026 08:25 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 341727 [Open Asset Import Library Assimp up to 6.0.2 LWOMaterial.cpp FindUVChannels use after free] |
|---|
| Points | 19 |
|---|