CVE-2026-10233 | Assimp up to 6.0.4 Half-Life 1 MDL Loader HL1MDLLoader.cpp read_sequence_infos aiString out-of-bounds (Issue 6619)

A vulnerability marked as problematic has been reported in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-10233. The attack needs to be performed locally. Additionally, an exploit exists.

The project tagged the reported issue as bug.VulDB Recent EntriesRead More