CVE-2025-6119 – Open Asset Import Library Assimp Use After Free Vulnerability

June 16, 2025

CVE ID : CVE-2025-6119

Published : June 16, 2025, 11:15 a.m. | 3 hours, 5 minutes ago

Description : A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the function Assimp::BVHLoader::ReadNodeChannels in the library assimp/code/AssetLib/BVH/BVHLoader.cpp. The manipulation of the argument pNode leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24388 – “OTRS Parameter Injection Vulnerability”

Next Article CVE-2025-6118 – Das Parking Management System SQL Injection Vulnerability

Highlights

CVE-2025-4011 – Redmine Custom Query Handler Cross Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-4011

Published : April 28, 2025, 9:15 a.m. | 3 hours, 14 minutes ago

Description : A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.0.4 is able to address this issue. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Managing the growing risk profile of agentic AI and MCP in the enterprise

How To Prevent WordPress SQL Injection Attacks

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

Windows Hello face unlock no longer works in the dark, and Microsoft says it’s not a bug

Community News: Latest PECL Releases (06.17.2025)

Community News: Latest PECL Releases (06.17.2025)

Stream-Omni: Simultaneous Multimodal Interactions with Large Language-Vision-Speech Model

How Inclusive Design Leading and Creating Solutions for Universal Design

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Funny Windows 11 bug brings back classic Windows boot sound from 20 years ago

Windows 11 news and updates in June: Microsoft’s AI agent in Settings makes adjusting your PC easier than ever

uBlock Origin ships to Edge for Android as Google kills it on Chrome

CVE-2025-6119 – Open Asset Import Library Assimp Use After Free Vulnerability

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

CVE-2025-25217 – Apache OpenHarmony NULL Pointer Dereference DOS

The good, the bad and the unknown of AI: A Q&A with Mária Bieliková

CVE-2025-4743 – Code-projects Employee Record System SQL Injection Vulnerability

Challenges and strategies of migrating a high-throughput relational database

CVE-2025-4011 – Redmine Custom Query Handler Cross Site Scripting Vulnerability

CVE-2025-4153 – PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

CVE-2025-5204 – Open Asset Import Library Assimp Out-of-Bounds Read Vulnerability

Brisa v0.2.10 release

CVE-2025-6119 – Open Asset Import Library Assimp Use After Free Vulnerability

Related Posts