Vulnerability Details CVE-2026-6067
A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory corruption, denial of service (crash), and arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.9%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-6067
-
cpe:2.3:a:nasm:netwide_assembler:3.02