CVE-2026-2653
Heap-Based Buffer Overflow in admesh stl_check_normal_vector Function
Publication date: 2026-02-18
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| admesh_project | admesh | to 0.98.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2653 is a heap-based buffer overflow vulnerability found in the ADMesh software up to version 0.98.5. It occurs in the function stl_check_normal_vector within the source file src/normals.c. The vulnerability arises because the function uses an index parameter without proper validation, leading to out-of-bounds access when processing malformed STL files. This causes a heap buffer overflow during normal vector checking and fixing operations.
The overflow happens when the software reads memory beyond the allocated heap buffer, which can corrupt memory and potentially allow an attacker to execute arbitrary code or cause a denial of service. The attack must be initiated locally, and a proof-of-concept exploit has been publicly released.
ADMesh is a command-line tool and C library used for processing STL files, including checking and repairing mesh flaws. This vulnerability affects the normal vector checking functionality, which is critical for ensuring mesh correctness.
How can this vulnerability impact me? :
This vulnerability can lead to memory corruption through a heap-based buffer overflow, which may allow an attacker with local access to execute arbitrary code or cause a denial of service on the system running ADMesh.
Since the vulnerability is triggered by processing specially crafted malformed STL files, an attacker could exploit this by providing such files to the software, potentially compromising the confidentiality, integrity, and availability of the affected system.
Because ADMesh is not actively maintained and no patches or mitigations are available, users are advised to consider replacing it with alternative software to avoid exposure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a heap-based buffer overflow in the admesh software when processing STL files, specifically triggered by malformed STL files during normal vector checks.
Detection involves identifying attempts to exploit the vulnerability by monitoring the use of admesh version 0.98.5 or earlier when processing STL files, especially those that may be malformed.
Since admesh is a command-line tool for processing STL files, you can detect suspicious activity by checking for crashes or abnormal behavior when running admesh commands on STL files.
Suggested commands to detect potential exploitation or test for the vulnerability include running admesh with STL files and monitoring for crashes or errors:
- admesh --check <file.stl> # Checks STL file for flaws including normal vector issues
- admesh --repair <file.stl> # Attempts to repair STL files, which triggers the vulnerable code path
Additionally, fuzz testing tools like AFL++ and AddressSanitizer (ASan) have been used to discover this vulnerability, so similar fuzzing techniques could be employed to detect attempts to exploit it.
What immediate steps should I take to mitigate this vulnerability?
There are no known patches or fixes available for this vulnerability because the admesh software is no longer actively maintained.
Immediate mitigation steps include:
- Avoid processing untrusted or malformed STL files with admesh versions up to 0.98.5.
- Restrict local access to systems running vulnerable versions of admesh to prevent exploitation, as the attack requires local access.
- Consider replacing admesh with alternative software that is actively maintained and does not have this vulnerability.
- Monitor systems for crashes or abnormal behavior related to admesh usage.