CVE-2026-14610

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue.
Configurations

No configuration.

History

03 Jul 2026, 21:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-03 21:16

Updated : 2026-07-06 18:02


NVD link : CVE-2026-14610

Mitre link : CVE-2026-14610

CVE.ORG link : CVE-2026-14610


JSON object : View

Products Affected

No product.

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-122

Heap-based Buffer Overflow