CVE-2026-10201

Summary

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.

Affected Software

VendorProductVersion RangeStatus
n/aAssimp6.0.0affected
n/aAssimp6.0.1affected
n/aAssimp6.0.2affected
n/aAssimp6.0.3affected
n/aAssimp6.0.4affected

Weaknesses

  • CWE-369: Divide By Zero
  • CWE-404: Denial of Service

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References