CVE-2025-5165 – Assimp Out-of-Bounds Read Vulnerability

May 26, 2025

CVE ID : CVE-2025-5165

Published : May 26, 2025, 3:15 a.m. | 1 hour, 55 minutes ago

Description : A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5166 – Open Asset Import Library (Assimp) Out-of-Bounds Read Vulnerability

Next Article CVE-2025-5164 – PerfreeBlog JWT Handler Hard-Coded Cryptographic Key Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Does Elden Ring Nightreign have crossplay or cross-platform play?

Cyberpunk 2077 sequel enters pre-production as Phantom Liberty crosses 10 million copies sold

EA has canceled yet another game, shuttered its developer, and started more layoffs

The Witcher 3: Wild Hunt reaches 60 million copies sold as work continues on The Witcher 4

How Remix is shaking things up

How Remix is shaking things up

Perficient at Kscope25: Let’s Meet in Texas!

Salesforce + Informatica: What It Means for Data Cloud and Our Customers

Does Elden Ring Nightreign have crossplay or cross-platform play?

Does Elden Ring Nightreign have crossplay or cross-platform play?

Cyberpunk 2077 sequel enters pre-production as Phantom Liberty crosses 10 million copies sold

EA has canceled yet another game, shuttered its developer, and started more layoffs

CVE-2025-5165 – Assimp Out-of-Bounds Read Vulnerability

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

New Apache InLong Vulnerability (CVE-2025-27522) Exposes Systems to Remote Code Execution Risks

Meta Pauses AI Training on EU User Data Amid Privacy Concerns

Extend large language models powered by Amazon SageMaker AI using Model Context Protocol

UC Berkeley Researchers Introduce Learnable Latent Codes as Bridges (LCB): A Novel AI Approach that Combines the Abstract Reasoning Capabilities of Large Language Models with Low-Level Action Policies

Join Us at Agentforce World Tour Dallas: Unleashing AI Innovations for Your Business

System76 Release COSMIC DE Alpha 5: What’s New?

Parsing raw data with existential types

A Step-by-Step Coding Guide to Efficiently Fine-Tune Qwen3-14B Using Unsloth AI on Google Colab with Mixed Datasets and LoRA Optimization

Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

CVE-2025-5165 – Assimp Out-of-Bounds Read Vulnerability

Related Posts