A vulnerability categorized as critical has been discovered in Assimp up to 6.0.4 . This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader . Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2026-10230 . The attack must be carried out locally. In addition, an exploit is available. The project tagged the reported issue as bug.