{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6068", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2026-04-10T13:29:25.329Z", "datePublished": "2026-04-10T13:30:38.420Z", "dateUpdated": "2026-04-10T14:56:52.908Z"}, "containers": {"cna": {"title": "CVE-2026-6068", "descriptions": [{"lang": "en", "value": "NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "NASM", "product": "NASM", "versions": [{"status": "affected", "version": "nasm-3.02rc5"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-416: Use After Free"}]}], "references": [{"url": "https://github.com/netwide-assembler/nasm/issues/222"}], "x_generator": {"engine": "VINCE 3.0.35", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-6068"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-04-10T13:30:38.420Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T14:56:02.839621Z", "id": "CVE-2026-6068", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:56:52.908Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-6068", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T14:56:02.839621Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T14:56:23.209Z"}}], "cna": {"title": "CVE-2026-6068", "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "NASM", "product": "NASM", "versions": [{"status": "affected", "version": "nasm-3.02rc5"}]}], "references": [{"url": "https://github.com/netwide-assembler/nasm/issues/222"}], "x_generator": {"env": "prod", "engine": "VINCE 3.0.35", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-6068"}, "descriptions": [{"lang": "en", "value": "NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-416: Use After Free"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-04-10T13:30:38.420Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6068", "state": "PUBLISHED", "dateUpdated": "2026-04-10T14:56:52.908Z", "dateReserved": "2026-04-10T13:29:25.329Z", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2026-04-10T13:30:38.420Z", "assignerShortName": "certcc"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nasm:netwide_assembler:3.02:rc5:*:*:*:*:*:*", "matchCriteriaId": "EA22EDB2-D094-433E-887D-A211FEC02A90", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior."}], "id": "CVE-2026-6068", "lastModified": "2026-04-16T19:48:57.250", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-10T14:16:38.723", "references": [{"source": "cret@cert.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/netwide-assembler/nasm/issues/222"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "nasm:", "id": "2457290", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457290"}, "csaw": false, "details": ["No description is available for this CVE."], "name": "CVE-2026-6068", "public_date": "2026-04-10T13:30:38Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-6068\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-6068\nhttps://github.com/netwide-assembler/nasm/issues/222"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "nasm-3.02rc5"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "NASM", "source": "cna", "vendor": "NASM"}, "product": "nasm", "vendor": "nasm"}], "analysis": {"en": {"generated_at": "2026-04-10T16:23:25.561475+00:00", "value": {"mitigation_remediation": ["Check for an updated version of NASM that addresses the issue and install it.", "If no patch is available, avoid using the response file feature until a fix is released and limit NASM execution to trusted users.", "Monitor the official NASM issue tracker or mailing list for updates on a fix.", "As a temporary precaution, run NASM under sandboxing or strict memory protection settings such as address space layout randomization and stack canaries to reduce the risk of arbitrary code execution."], "summary": {"action": "Apply Patch", "impact": "Data Corruption"}, "threat_synthesis": {"affected_systems": "The Netwide Assembler (NASM) is the affected product. No specific version numbers are listed, so any release containing the vulnerable response\u2011file parser may be at risk. This issue is tied to the NASM codebase itself and is not limited to any particular operating system or distribution.", "description_and_impact": "NASM implements a use\u2011after\u2011free bug in its response file (-@) handling. A dangling pointer to freed memory is stored in the global depend_file and later dereferenced when the buffer is released, leading to memory corruption or unpredictable behaviour. The underlying weakness is a classic heap use\u2011after\u2011free error. An attacker could potentially exploit this to corrupt program state or cause a crash.", "risk_and_exploitability": "The CVSS score of 6.5 places this vulnerability in the moderate severity range. EPSS data is not available and the flaw is not listed in the CISA Known Exploited Vulnerabilities catalog, indicating no widespread public exploitation yet. The likely attack vector is local; a user who runs NASM with a crafted response file can trigger the use\u2011after\u2011free. While the damage is currently limited to memory corruption, an attacker with additional weaknesses could potentially execute arbitrary code. Remote exploitation is unlikely unless NASM is invoked by a network\u2011exposed service."}}}}, "created": "2026-04-10T14:40:41.839304+00:00", "title": "Heap Use\u2011After\u2011Free in NASM Response File Processing", "updated": "2026-04-13T13:01:26.568576+00:00", "vendors": ["nasm", "nasm$PRODUCT$nasm"], "weaknesses": ["CWE-416"]}