What is CVE-2026-29628?

CVE-2026-29628 is a vulnerability in N/a. Published 2026-04-13.

Is CVE-2026-29628 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2026-29628

A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via supplying a crafted .mtl file.

EPSS: 0.000 (5.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

kiyochii/CVE-2026-29628

References

github.com/kiyochii/tinyobjloader/commit/386b73bb8c1a855236beb73b11f45f7feac4e0…
github.com/kiyochii/CVE-2026-29628

Frequently asked questions

What is CVE-2026-29628?: CVE-2026-29628 is a vulnerability in N/a. Published 2026-04-13.
Is CVE-2026-29628 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.