CVE-2026-10229: Assimp Half-Life MDL Loader Heap Buffer Overflow
Assimp, a widely-used 3D model import library, contains a heap-based buffer overflow in its Half-Life 1 MDL file loader. An attacker with local system access can craft a malicious .MDL file that, when processed by an application using vulnerable Assimp versions up to 6.0.4, triggers memory corruption. This could lead to information disclosure, data corruption, or process crash. The vulnerability requires local execution and has been publicly disclosed.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 5.3 MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Weaknesses (CWE)
- CWE-119, CWE-122
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-06-01 / 2026-06-17
NVD description (verbatim)
A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. The project tagged the reported issue as bug.
7 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-10229 is a heap-based buffer overflow (CWE-119, CWE-122) in the HL1MDLLoader::read_meshes function within HL1MDLLoader.cpp. The flaw occurs during the parsing of Half-Life 1 MDL format model files. Insufficient bounds checking on heap-allocated buffers allows an attacker to write beyond allocated memory boundaries. The attack vector is local (AV:L), requires low privileges (PR:L), involves no user interaction (UI:N), and affects only the vulnerable process scope (S:U). Affected versions include Assimp up to and including 6.0.4.
Business impact
Organizations embedding Assimp in desktop applications, game engines, 3D content pipelines, or engineering tools face operational risk. A compromised or untrusted MDL file processed by an affected application could corrupt process memory, leak sensitive data loaded into that process, or cause denial of service. Supply chain risk increases if Assimp is bundled in widely distributed software. Patch deployment is straightforward for most vendors, but custom integrations may require rebuild cycles.
Affected systems
Assimp library versions up to and including 6.0.4 are vulnerable. Any application statically or dynamically linking Assimp and parsing Half-Life 1 MDL files is affected. This includes 3D modeling tools, game engines (particularly those supporting legacy Half-Life assets), content importers, and custom applications using Assimp's Half-Life loader component. Systems without local unprivileged user access or that do not process untrusted MDL files face reduced risk.
Exploitability
The vulnerability requires local execution and privileges of a local user. Public disclosure has occurred, and exploitation guidance may be available in public repositories or security disclosures. The attack depends on a user or application processing a malicious MDL file, making it suitable for targeted attacks or supply chain compromise scenarios. No evidence indicates active weaponization in widespread exploit kits or ransomware campaigns.
Remediation
Upgrade Assimp to a version released after 6.0.4 that contains the fix for the HL1MDLLoader buffer overflow. Verify the patched version against the official Assimp repository or vendor advisory. Organizations should rebuild and redistribute any applications embedding Assimp. Until patching is feasible, restrict processing of MDL files to trusted sources and disable Half-Life model loading if not required.
Patch guidance
Consult the official Assimp project repository on GitHub or your vendor's advisory for the specific patched version addressing CVE-2026-10229. Update Assimp library and recompile dependent applications. Test patched builds with existing MDL assets to ensure compatibility. If Assimp is vendored in your codebase, apply upstream fixes or backport the memory safety correction from the main branch. Verify patch status before deploying to production.
Detection guidance
Monitor for crashes or memory corruption errors in applications processing MDL files, particularly unexpected process terminations with heap corruption signatures. Enable Address Sanitizer (ASan) or similar memory debugging tools during testing to detect buffer overflow conditions early. Review application logs for attempted loading of MDL files from untrusted sources. In managed environments, track Assimp version usage across deployed software inventory and flag instances of version 6.0.4 or earlier.
Why prioritize this
Although rated MEDIUM severity, this vulnerability merits prompt attention because: (1) public exploit information is available, lowering the barrier to weaponization; (2) the vulnerability affects a foundational library used in creative tools and game development; (3) supply chain propagation risk is significant if vendors have not yet patched; and (4) local execution can be achieved through social engineering or supply chain compromise. Prioritize patching in development environments and applications handling external 3D assets.
Risk score, explained
The CVSS 3.1 score of 5.3 (MEDIUM) reflects local-only attack surface (AV:L), requirement for local user privileges (PR:L), no user interaction needed (UI:N), and impact limited to the affected process (S:U). Confidentiality, integrity, and availability impacts are each rated low (L). The score does not fully capture supply chain or targeted attack scenarios, so organizational context and asset sensitivity should inform local risk assessment.
Frequently asked questions
Which applications are most at risk from this vulnerability?
Applications that import Half-Life 1 MDL model files are most at risk. This includes game engines (especially those supporting legacy Half-Life content), 3D modeling and content authoring tools, game asset pipelines, and any custom applications built on Assimp's Half-Life loader. Desktop environments with multiple local users or those accepting untrusted 3D models face elevated risk.
Can this vulnerability be exploited remotely over a network?
No. The vulnerability requires local code execution (AV:L) and local user privileges (PR:L). A remote attacker cannot directly trigger it across a network. However, remote attackers could attempt to deliver a malicious MDL file to a target system through email, file-sharing services, or compromised repositories, and then rely on social engineering or existing local access to trigger processing.
What should I do if my organization uses Assimp?
First, inventory your applications to identify those embedding or depending on Assimp. Check which versions are deployed; any version up to 6.0.4 is vulnerable if it processes MDL files. Upgrade to a patched version from the Assimp project repository, rebuild dependent applications, and test thoroughly. If immediate patching is not feasible, disable Half-Life model loading or restrict MDL file processing to verified trusted sources.
Is this vulnerability included on the CISA KEV catalog?
No. As of the current advisory date, this vulnerability has not been added to the CISA Known Exploited Vulnerabilities (KEV) catalog. However, public disclosure and available exploitation information mean the threat landscape could change. Monitor CISA KEV updates and security announcements for any status change.
This analysis is provided for informational purposes and represents SEC.co's interpretation of publicly available vulnerability data as of the published date. Specific patch version numbers, affected product lists, and technical details should be verified against official Assimp project advisories and vendor documentation before making remediation decisions. Security impact may vary based on application implementation, deployment context, and asset sensitivity. This document does not constitute professional security advice and should be reviewed in conjunction with your organization's vulnerability management policies and threat model. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10194MEDIUMOFFIS DCMTK Heap Buffer Overflow in Query/Retrieve Service
- CVE-2026-10200MEDIUMAssimp 6.0.4 Heap Buffer Overflow in glTF Matrix Parser
- CVE-2026-10230MEDIUMAssimp Half-Life MDL Loader Heap Buffer Overflow Vulnerability
- CVE-2026-10231MEDIUMAssimp Heap Buffer Overflow in HL1 MDL Loader
- CVE-2025-55664MEDIUMGPAC MP4Box Heap Buffer Overflow DoS Vulnerability
- CVE-2026-10064MEDIUMTRENDnet TEW-432BRP Stack Overflow – Unpatched EOL Router Vulnerability
- CVE-2026-10114MEDIUMOpen5GS Out-of-Bounds Write in NF Profile Parser
- CVE-2026-10232MEDIUMAssimp Use-After-Free in ASE Parser (CVSS 5.3)