CVE-2026-10229

Published: Giu 01, 2026 Last Modified: Giu 01, 2026

ExploitDB:

Other exploit source:

Google Dorks:

LOW 1,9

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

MEDIUM 5,3

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: low

MEDIUM 4,3

Source: [email protected]

Access Vector: local

Access Complexity: low

Authentication: single

Confidentiality: partial

Integrity: partial

Availability: partial

Description

AI Translation Available

A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. The project tagged the reported issue as bug.

119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Stable

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Modify Memory Read Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory)

Applicable Platforms

Languages: Memory-Unsafe, C, C++, Assembly

Likelihood of Exploit: High

View CWE Details

122

Heap-based Buffer Overflow

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Modify Memory Other