Ecosystem	Package	Version

Vulnerabilities

CVE-2025-57106

CVE-2025-57106

Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data.

Published Nov 4, 2025

https://gitlab.kitware.com/vtk/vtk/-/issues/19733 https://gitlab.kitware.com/vtk/vtk/-/issues/19734

CVSS ScoreHigh

8.7

Ecosystem	Package	Version


nuget	Vtk	9.2.6
conda	free/vtk	5.10.1
conda	free/vtk	6.3.0
conda	main/vtk	8.1.0
conda	main/vtk	8.1.1
conda	main/vtk	8.2.0
conda	main/vtk	9.0.3
conda	main/vtk	9.4.1
maven	org.vtk/vtk	9.3.0
maven	org.vtk/vtk	9.3
rpm	python3-vtk	9.0.1-10.el8
rpm	python3-vtk	9.0.1-9.el8
rpm	python3-vtk	9.1.0-17.el9
rpm	python3-vtk	9.1.0-18.el9
rpm	python3-vtk	9.1.0-20.el9
rpm	python3-vtk-mpich	9.0.1-10.el8
rpm	python3-vtk-mpich	9.0.1-9.el8
rpm	python3-vtk-mpich	9.1.0-17.el9
rpm	python3-vtk-mpich	9.1.0-18.el9
rpm	python3-vtk-mpich	9.1.0-20.el9
rpm	python3-vtk-openmpi	9.0.1-10.el8
rpm	python3-vtk-openmpi	9.0.1-9.el8
rpm	python3-vtk-openmpi	9.1.0-17.el9
rpm	python3-vtk-openmpi	9.1.0-18.el9
rpm	python3-vtk-openmpi	9.1.0-20.el9
pypi	vtk	9.0.0
pypi	vtk	9.0.1
pypi	vtk	9.0.2
pypi	vtk	9.0.3
pypi	vtk	9.1.0
pypi	vtk	9.1.0rc3
pypi	vtk	9.1.0rc4
pypi	vtk	9.2.0rc2
pypi	vtk	9.2.1
pypi	vtk	9.2.2
pypi	vtk	9.2.3
pypi	vtk	9.2.4
pypi	vtk	9.2.5
pypi	vtk	9.2.6
pypi	vtk	9.3.0
pypi	vtk	9.3.0rc1
pypi	vtk	9.3.0rc2
pypi	vtk	9.3.1
pypi	vtk	9.3.20230807rc0
pypi	vtk	9.4.0
pypi	vtk	9.4.0rc3
pypi	vtk	9.4.1
pypi	vtk	9.4.2
pypi	vtk	9.5.0
pypi	vtk	9.5.0rc1

CVE-2025-57106 | Components Impacted | Sonatype Guide | Sonatype Guide