CVE-2026-10232

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 01, 2026

Vendor unknown

Description

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. The project tagged the reported issue as bug.

References

https://github.com/assimp/assimp/
https://github.com/assimp/assimp/issues/6617
https://github.com/user-attachments/files/27200601/poc.zip
https://vuldb.com/cve/CVE-2026-10232
https://vuldb.com/submit/821192