CVE-2026-42479

EPSS 0.1%
Veröffentlicht 01.05.2026 00:00:00
Zuletzt bearbeitet 01.05.2026 19:16:32
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices without validation against the size of the coordinate array during geometry processing.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 7 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Opencascade ≫ Open Cascade Technology Version <= 7.9.3

Opencascade ≫ Open Cascade Technology Version8.0.0 Updatebeta1

Opencascade ≫ Open Cascade Technology Version8.0.0 Updaterc1

Opencascade ≫ Open Cascade Technology Version8.0.0 Updaterc2

Opencascade ≫ Open Cascade Technology Version8.0.0 Updaterc3

Opencascade ≫ Open Cascade Technology Version8.0.0 Updaterc4

Opencascade ≫ Open Cascade Technology Version8.0.0 Updaterc5

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.01

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-42479

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-42479

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-42479

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-42479