Detections
Analytics

CVE-2026-10232

medium

Description

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.

References

https://vuldb.com/vuln/367511/cti

https://vuldb.com/vuln/367511

https://vuldb.com/submit/821192

https://vuldb.com/cve/CVE-2026-10232

https://github.com/user-attachments/files/27200601/poc.zip

https://github.com/assimp/assimp/issues/6617

https://github.com/assimp/assimp/

Details

Source: Mitre, NVD

Published: 2026-06-01

Updated: 2026-06-01

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Severity: Medium

CVSS v4

Base Score: 4.8

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium