A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue.
Metrics
Affected Vendors & Products
References
History
Fri, 03 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue. | |
| Title | Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile heap-based overflow | |
| First Time appeared |
Assimp
Assimp assimp |
|
| Weaknesses | CWE-119 CWE-122 |
|
| CPEs | cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Assimp
Assimp assimp |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-03T20:45:10.258Z
Reserved: 2026-07-03T14:03:32.815Z
Link: CVE-2026-14610
No data.
No data.
No data.
OpenCVE Enrichment
No data.