CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-14610

mediumCVSS 5.3covered by 1 sourcefirst seen 2026-07-03
A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue.

⚡ Watch CVE-2026-14610

Get an email if CVE-2026-14610 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-14610

CVE.org record

Embed the live status

CVE-2026-14610 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-14610 status](https://www.csirts.com/badge/CVE-2026-14610)](https://www.csirts.com/cve/CVE-2026-14610)