Description
A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The project tagged the reported issue as bug.
Published: 2026-06-01
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap-based buffer overflow exists in the HL1MDLLoader::read_animations function of the Assimp Half‑Life 1 MDL Loader. When a crafted .mdl file is parsed, the animation data overflows a heap buffer, which can corrupt memory or lead to arbitrary code execution if the local attacker can supply the file to the parsing process. The vulnerability is limited to local exploitation and does not provide remote code execution by itself.

Affected Systems

Assimp library versions up to and including 6.0.4, which contain the vulnerable HL1MDLLoader component. Any system that loads Half‑Life 1 MDL files with these versions is impacted.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Publicly available exploit code demonstrates the vulnerability can be leveraged locally, and an attacker with local access can potentially achieve arbitrary code execution by serving a malicious .mdl file to a vulnerable application.

Generated by OpenCVE AI on June 1, 2026 at 08:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Assimp to a version where the HL1MDLLoader::read_animations overflow is fixed.
  • Ensure that only trusted processes load .mdl files and restrict local execution privileges for untrusted users.
  • Monitor systems for anomalous memory access patterns or crashes that may indicate exploitation attempts.

Generated by OpenCVE AI on June 1, 2026 at 08:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 07:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The project tagged the reported issue as bug.
Title Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp read_animations heap-based overflow
First Time appeared Assimp
Assimp assimp
Weaknesses CWE-119
CWE-122
CPEs cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*
Vendors & Products Assimp
Assimp assimp
References
Metrics cvssV2_0

{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Assimp Assimp
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-01T06:00:12.237Z

Reserved: 2026-05-31T08:10:56.826Z

Link: CVE-2026-10230

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-01T08:16:19.223

Modified: 2026-06-01T08:16:19.223

Link: CVE-2026-10230

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T08:30:24Z

Weaknesses