CVE-2026-6067

CVSS Score & Metrics

Base Score

7.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H                                    

Vulnerability Description

A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service (crash), and arbitrary code execution.

Vulnerability Details

Published Date

April 10, 2026

Last Modified

April 16, 2026

CWE ID

CWE-787

Source

NVD

Vendor

nasm

Product

netwide_assembler

External References

https://github.com/netwide-assembler/nasm/issues/203

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment