9.8 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files with corrupted or invalid mesh reference structures.
AI Analysis
Heap use-after-free vulnerability in vtkGLTFDocumentLoader during mesh object copy operations
Basic Information
ID: CVE-2025-57108
Source: mitre
Published: Oct 31, 2025 at 00:00
Modified: Oct 31, 2025 at 19:07
Affected Product
Vendor: n/a
Product: n/a
Version: n/a
Affected Versions
n/a n/a n/a
CWE Classification
AI Assessment
AI Score: 9.8 / 10
AI Severity: Critical
Vendor: Kitware
Product: VTK (Visualization Toolkit)
Version: through 9.5.0