CNNVD-202509-4214 Information

CNNVD ID

CNNVD-202509-4214

Related CVE

CVE-2025-10995

• CNNVD Published: 2025-09-26

Description (Chinese)

openbabel是Open Babel开源的一个化学工具箱软件。 openbabel 3.1.1及之前版本存在缓冲区错误漏洞，该漏洞源于zlib_stream::basic_unzip_streambuf::underflow函数存在内存损坏问题，可能导致本地攻击。

Description (English)

Openbabel is an Open Babel open-source chemical toolbox software. Openbabel 3.1.1 and previous versions contain an error loophole in the buffer zone, which stems from the memory damage of the zlib stream::basic unzip streambuf:underfly function, which may lead to local attacks.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

Open Babel

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/openbabel/openbabel/issues/2832 https://github.com/user-attachments/files/22318572/poc.zip https://vuldb.com/?ctiid.325923 https://vuldb.com/?id.325923 https://vuldb.com/?submit.654059