Bug 2483758 (CVE-2026-10201) - CVE-2026-10201 assimp: Assimp: Denial of Service via divide-by-zero in FBXExporter
Summary: CVE-2026-10201 assimp: Assimp: Denial of Service via divide-by-zero in FBXExp...
Keywords:
Status: NEW
Alias: CVE-2026-10201
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-06-01 15:28 UTC by Keith Grant
Modified: 2026-06-09 08:59 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Keith Grant 2026-06-01 15:28:50 UTC
A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.


Note You need to log in before you can comment on or make changes to this bug.