CVE-2026-10233 | Assimp up to 6.0.4 Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos aiString out-of-bounds (Issue 6619)

Inserito da Angelo Barbosa | Mag 31, 2026 | CVE

A vulnerability marked as problematic has been reported in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-10233. The attack needs to be performed locally. Additionally, an exploit exists.

The project tagged the reported issue as bug.

CVE-2026-10233 | Assimp up to 6.0.4 Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos aiString out-of-bounds (Issue 6619)

Post correlati

CVE-2025-54597 | LinuxServer.io Heimdall up to 2.7.2 q cross site scripting

CVE-2026-26135 | Microsoft Azure Custom Locations Resource Provider server-side request forgery

CVE-2025-49002 | DataEase up to 2.10.9 Incomplete Fix CVE-2025-32966 authentication spoofing

CVE-2026-44514 | kubetail cli/dashboard prior 0.14.0 WebSocket Endpoint missing origin validation in websockets (GHSA-v8j7-hp7c-738f)