Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds_CVE-2026-2705

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2026-2705

Source VulDB

Published Feb 19, 2026 at 05:02

Affected Product

Vendor n/a

Product Open Babel

Version 3.1.0

Affected Versions n/a Open Babel 3.1.0
n/a Open Babel 3.1.1

CWE Classification

CWE-125 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-02-19T05:02:07.101Z",
    "modified": "2026-02-19T05:02:07.101Z",
    "type": "cve",
    "title": "Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.346651\nhttps://vuldb.com/?ctiid.346651\nhttps://vuldb.com/?submit.754379\nhttps://github.com/openbabel/openbabel/issues/2848\nhttps://github.com/oneafter/0128/blob/main/ob2/repro.mol2",
    "id": "CVE-2026-2705",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "n/a Open Babel 3.1.0\nn/a Open Babel 3.1.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Open Babel",
    "version": "3.1.0",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}