Cyber Posture

CVE-2026-6067

MediumPublic PoC

Published: 10 April 2026

Published
10 April 2026
Modified
23 April 2026
KEV Added
Patch
CVSS Score 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score 0.0004 11.0th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-6067 is a medium-severity Out-of-bounds Write (CWE-787) vulnerability in Nasm Netwide Assembler. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 11.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Flaw remediation requires timely patching of the heap buffer overflow in NASM's obj_directive() function to eliminate the vulnerability.

SI-16 Memory Protection good match
prevent

Memory protection mechanisms such as heap isolation, randomization, and canaries prevent exploitation of heap buffer overflows leading to corruption or code execution.

SI-10 Information Input Validation good match
prevent

Information input validation enforces bounds checking on .asm files processed by NASM, directly countering the lack of bounds checks in obj_directive().

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
attack.mitre.org →
Why these techniques?

Heap buffer overflow in NASM enables arbitrary code execution via malicious .asm file processed by user, directly mapping to client-side exploitation and malicious file execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A heap buffer overflow vulnerability exists in the Netwide Assembler (NASM) due to a lack of bounds checking in the obj_directive() function. This vulnerability can be exploited by a user assembling a malicious .asm file, potentially leading to heap memory…

more

corruption, denial of service (crash), and arbitrary code execution.

Deeper analysisAI

CVE-2026-6067 is a heap buffer overflow vulnerability in the Netwide Assembler (NASM), caused by a lack of bounds checking in the obj_directive() function. It affects NASM when processing assembly files and is classified under CWE-787 (Out-of-bounds Write). The vulnerability was published on 2026-04-10.

A local attacker with no privileges can exploit this issue by tricking a user into assembling a malicious .asm file, which requires user interaction but is of low attack complexity. Exploitation can lead to heap memory corruption, denial of service through application crash, or arbitrary code execution. The CVSS v3.1 base score is 5.5 (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H), indicating medium severity primarily due to high availability impact.

Mitigation details and further discussion are available in the GitHub issue at https://github.com/netwide-assembler/nasm/issues/203.

Details

CWE(s)
CWE-787

Affected Products

nasm
netwide assembler
3.02

CVEs Like This One

CVE-2026-6069Same product: Nasm Netwide Assembler
CVE-2026-21327Shared CWE-787
CVE-2026-3094Shared CWE-787
CVE-2025-27166Shared CWE-787
CVE-2025-21131Shared CWE-787
CVE-2025-24452Shared CWE-787
CVE-2026-27295Shared CWE-787
CVE-2026-27622Shared CWE-787
CVE-2025-21157Shared CWE-787
CVE-2026-21352Shared CWE-787

References