{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6068", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2026-04-10T13:29:25.329Z", "datePublished": "2026-04-10T13:30:38.420Z", "dateUpdated": "2026-04-10T13:30:38.420Z"}, "containers": {"cna": {"title": "CVE-2026-6068", "descriptions": [{"lang": "en", "value": "NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "NASM", "product": "NASM", "versions": [{"status": "affected", "version": "nasm-3.02rc5"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-416: Use After Free"}]}], "references": [{"url": "https://github.com/netwide-assembler/nasm/issues/222"}], "x_generator": {"engine": "VINCE 3.0.35", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-6068"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-04-10T13:30:38.420Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption or unexpected behavior."}], "id": "CVE-2026-6068", "lastModified": "2026-04-10T14:16:38.723", "metrics": {}, "published": "2026-04-10T14:16:38.723", "references": [{"source": "cret@cert.org", "url": "https://github.com/netwide-assembler/nasm/issues/222"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "nasm-3.02rc5"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "NASM", "source": "cna", "vendor": "NASM"}, "product": "nasm", "vendor": "nasm"}], "created": "2026-04-10T14:40:41.839304+00:00", "updated": "2026-04-10T14:40:41.839534+00:00", "vendors": ["nasm", "nasm$PRODUCT$nasm"]}