Low severity3.3NVD Advisory· Published Jun 1, 2026· Updated Jun 3, 2026
CVE-2026-10233
CVE-2026-10233
Description
A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of the argument aiString leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The project tagged the reported issue as bug.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
5News mentions
1- Assimp: Ten Memory-Safety CVEs Disclosed Across Half-Life MDL, glTF, and FBX ParsersVypr Intelligence · Jun 1, 2026