A vulnerability was found in Assimp up to 6.0.4 . It has been rated as critical . This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader . This manipulation causes heap-based buffer overflow. This vulnerability is tracked as CVE-2026-10229 . The attack is restricted to local execution. Moreover, an exploit is present. The project tagged the reported issue as bug.