Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2025-70067: Assimp FBX Importer allows malicious files to cause crashes
CVE-2025-70067
Summary
A vulnerability in Assimp's FBX Importer, used in various 3D modeling software, could allow a malicious FBX file to crash the application. This issue affects Assimp versions up to 6.0.2. To protect your system, update to the latest version of Assimp.
Original title
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX fi...
Original description
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length validation
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 4 May 2026 · Updated: 28 May 2026 · First seen: 4 May 2026