CVE-2025-5166 – Open Asset Import Library (Assimp) Out-of-Bounds Read Vulnerability

May 26, 2025

CVE ID : CVE-2025-5166

Published : May 26, 2025, 4:15 a.m. | 55 minutes ago

Description : A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5167 – Assimp Out-of-Bounds Read Vulnerability

Next Article CVE-2025-5165 – Assimp Out-of-Bounds Read Vulnerability

Akka introduces platform for distributed agentic AI

Design Patterns For AI Interfaces

Amazon launches spec-driven AI IDE, Kiro

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

AI-powered malware eludes Microsoft Defender’s security checks 8% of the time — with just 3 months of training and “reinforcement learning” for around $1,600

7 games that are perfect for handheld gaming PCs — with my favorite Steam Deck, ROG Ally, and Legion Go titles

Windows 11 Firewall with Advanced Security flags up errors in “under development” code — but it’s nothing to worry about

Metal Gear Solid Delta: Snake Eater — How to pre-order, release dates, story, gameplay, and everything else you need to know

The details of TC39’s last meeting

The details of TC39’s last meeting

Revolutionize Your IoT Management with Total.js IoT Platform: Simplify, Monitor, and Optimize

Creating a Brand Kit in Stream: Why It Matters and How It helps Organizations

AI-powered malware eludes Microsoft Defender’s security checks 8% of the time — with just 3 months of training and “reinforcement learning” for around $1,600

AI-powered malware eludes Microsoft Defender’s security checks 8% of the time — with just 3 months of training and “reinforcement learning” for around $1,600

7 games that are perfect for handheld gaming PCs — with my favorite Steam Deck, ROG Ally, and Legion Go titles

Windows 11 Firewall with Advanced Security flags up errors in “under development” code — but it’s nothing to worry about

CVE-2025-5166 – Open Asset Import Library (Assimp) Out-of-Bounds Read Vulnerability

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

Azure AI just made GPT-4.1 fine-tuning faster and more accessible

CVE-2025-6111 – Tenda FH1205 Stack-Based Buffer Overflow Vulnerability

Hash Calculator – calculates around 50 cryptographic hashes of strings and files

CVE-2025-3644 – Moodle Course Section Deletion Privilege Escalation Vulnerability

⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More

Researchers at Physical Intelligence Introduce π-0.5: A New AI Framework for Real-Time Adaptive Intelligence in Physical Systems

My new favorite keychain accessory gives me 2TB of SSD storage instantly

CVE-2025-1384 – Omron NJ/NX-series Least Privilege Violation Remote Code Execution

CVE-2025-5166 – Open Asset Import Library (Assimp) Out-of-Bounds Read Vulnerability

Related Posts