SUSE CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

Linux Distros Unpatched Vulnerability : CVE-2026-10232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE...

DEBIAN-CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

CVE-2026-10232

Technical details about CVE-2026-10232 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

CVE-2026-10232 Assimp ASE File scene.cpp ~aiNode use after free

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

EUVD-2026-33565

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

Assimp resource management error vulnerability

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained a resource management vulnerability. This vulnerability stemmed from a issue with the ASE File Parser component in the scene.cpp...

PT-2026-45276

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap

Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly...

GitLab CE/EE - Remote Code Execution

GitLab CE/EE starting from 11.9 does not properly validate image files that were passed to a file parser, resulting in a remote command execution vulnerability. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

OESA-2026-2227 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...

CLSA-2026-1778128255 wireshark: Fix of 8 CVEs

CVE-2022-0585: fix large/infinite loops in multiple dissectors AMP, ATN-ULCS, BP, GDSDB, PMUL, WAP, ZigBee ZCL, OpenFlow v5/v6, IPDC, TDS, ASN.1 PER, FTUINTBYTES/STRING - CVE-2022-4344: fix Kafka dissector memory exhaustion via decompression/loop bounds - CVE-2023-0666: fix RTPS dissector...

Astra Linux - уязвимость в node-ini

This affects the package ini before version 1.3.6. If an attacker submits a malicious INI file to an application that parses it using ini.parse, they will corrupt the prototype within the application. This can be further exploited depending on the context...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the read process of the OBJ file parser when handling crafted OBJ files. An attacker can cause a denial of service or obtain sensitive information by persuading a victim to open a specially crafted OBJ file that...

DEBIAN-CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...