The following vulnerability was published for assimp.
CVE-2025-3548[0]:
| A vulnerability, which was classified as critical, has been found in
| Open Asset Import Library Assimp up to 5.4.3. This issue affects the
| function aiString::Set in the library include/assimp/types.h of the
| component File Handler. The manipulation leads to heap-based buffer
| overflow. It is possible to launch the attack on the local host. The
| exploit has been disclosed to the public and may be used. It is
| recommended to apply a patch to fix this issue.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.