{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-10233", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-05-31T08:11:05.085Z", "datePublished": "2026-06-01T06:45:08.319Z", "dateUpdated": "2026-06-03T17:57:19.739Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-01T06:45:08.319Z"}, "title": "Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos out-of-bounds", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "Out-of-Bounds Read"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "n/a", "product": "Assimp", "versions": [{"version": "6.0.0", "status": "affected"}, {"version": "6.0.1", "status": "affected"}, {"version": "6.0.2", "status": "affected"}, {"version": "6.0.3", "status": "affected"}, {"version": "6.0.4", "status": "affected"}], "cpes": ["cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*"], "modules": ["Half-Life 1 MDL Loader"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-05-31T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-05-31T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-05-31T10:16:20.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "TYGLS (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/367512", "name": "VDB-367512 | Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos out-of-bounds", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/367512/cti", "name": "VDB-367512 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-10233", "name": "CVE-2026-10233 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/821196", "name": "Submit #821196 | Assimp commit 17c12da Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assimp/assimp/issues/6619", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/27228962/poc.zip", "tags": ["exploit"]}, {"url": "https://github.com/assimp/assimp/", "tags": ["product"]}]}, "adp": [{"references": [{"url": "https://github.com/assimp/assimp/issues/6619", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-03T17:56:57.619318Z", "id": "CVE-2026-10233", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-03T17:57:19.739Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-10233", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-03T17:56:57.619318Z"}}}], "references": [{"url": "https://github.com/assimp/assimp/issues/6619", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-03T17:56:38.252Z"}}], "cna": {"title": "Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos out-of-bounds", "credits": [{"lang": "en", "type": "reporter", "value": "TYGLS (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*"], "vendor": "n/a", "modules": ["Half-Life 1 MDL Loader"], "product": "Assimp", "versions": [{"status": "affected", "version": "6.0.0"}, {"status": "affected", "version": "6.0.1"}, {"status": "affected", "version": "6.0.2"}, {"status": "affected", "version": "6.0.3"}, {"status": "affected", "version": "6.0.4"}]}], "timeline": [{"lang": "en", "time": "2026-05-31T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-05-31T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-05-31T10:16:20.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/367512", "name": "VDB-367512 | Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos out-of-bounds", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/367512/cti", "name": "VDB-367512 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-10233", "name": "CVE-2026-10233 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/821196", "name": "Submit #821196 | Assimp commit 17c12da Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/assimp/assimp/issues/6619", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/27228962/poc.zip", "tags": ["exploit"]}, {"url": "https://github.com/assimp/assimp/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "Out-of-Bounds Read"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-01T06:45:08.319Z"}}}, "cveMetadata": {"cveId": "CVE-2026-10233", "state": "PUBLISHED", "dateUpdated": "2026-06-03T17:57:19.739Z", "dateReserved": "2026-05-31T08:11:05.085Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-06-01T06:45:08.319Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug."}], "id": "CVE-2026-10233", "lastModified": "2026-06-03T19:16:23.580", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-06-01T08:16:19.750", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/assimp/assimp/"}, {"source": "cna@vuldb.com", "url": "https://github.com/assimp/assimp/issues/6619"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/27228962/poc.zip"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/cve/CVE-2026-10233"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/821196"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/367512"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/367512/cti"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/assimp/assimp/issues/6619"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-125"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{"bugzilla": {"description": "assimp: Assimp: Out-of-bounds read in Half-Life 1 MDL Loader allows information disclosure", "id": "2486786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486786"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-125", "details": ["A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug.", "A flaw was found in Assimp, within its Half-Life 1 MDL Loader component. A local attacker could exploit an out-of-bounds read vulnerability by manipulating specific input. This could lead to the disclosure of sensitive information."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-10233", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "qt6-qtquick3d", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "qt5-qt3d", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-01T06:45:08Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-10233\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-10233\nhttps://github.com/assimp/assimp/\nhttps://github.com/assimp/assimp/issues/6619\nhttps://github.com/user-attachments/files/27228962/poc.zip\nhttps://vuldb.com/cve/CVE-2026-10233\nhttps://vuldb.com/submit/821196\nhttps://vuldb.com/vuln/367512\nhttps://vuldb.com/vuln/367512/cti"], "statement": "This flaw is rated as Low impact because it requires a local attacker to provide specially crafted Half-Life 1 MDL files to an application using the Assimp library. Successful exploitation of this out-of-bounds read vulnerability in the Half-Life 1 MDL Loader component could lead to information disclosure, but only under conditions where a local user can control the input to the vulnerable component.", "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.0.0,6.0.4]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Assimp", "source": "cna", "vendor": "n/a"}, "product": "assimp", "vendor": "assimp"}], "created": "2026-06-01T08:30:24.224718+00:00", "updated": "2026-06-01T09:00:11.788762+00:00", "vendors": ["assimp", "assimp$PRODUCT$assimp"]}