Critical severity9.6NVD Advisory· Published Apr 10, 2026· Updated May 26, 2026
CVE-2026-6068
CVE-2026-6068
Description
NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:nasm:netwide_assembler:3.02:rc5:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- github.com/netwide-assembler/nasm/issues/222nvdExploitIssue Tracking
- sekai.team/blog/nasm-cve-disclosure/cve-2026-6068nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.