CVE-2025-57107

Description

Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations.

PUBLISHED Reserved 2025-08-17 | Published 2025-10-31 | Updated 2025-10-31 | Assigner mitre

References

gitlab.kitware.com/vtk/vtk/-/issues/19732

cve.org (CVE-2025-57107)

nvd.nist.gov (CVE-2025-57107)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.