CVE-2025-10994
BaseFortify
Publication date: 2025-09-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openbabel | open_babel | to 3.1.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free weakness in the Open Babel software up to version 3.1.1, specifically in the function GAMESSOutputFormat::ReadMolecule within the file gamessformat.cpp. It allows an attacker with local access to manipulate the program's memory, potentially leading to unexpected behavior or exploitation.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized manipulation of the program's memory, which may cause crashes, data corruption, or potentially allow an attacker to execute arbitrary code with the privileges of the affected process. Since the attack requires local access, it impacts users who have some level of access to the host system.