CVE-2025-10999
BaseFortify
Publication date: 2025-09-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openbabel | open_babel | to 3.1.1 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Open Babel up to version 3.1.1 occurs in the function CacaoFormat::SetHilderbrandt within the file /src/formats/cacaoformat.cpp. It causes a null pointer dereference, which means the program attempts to access or manipulate memory through a pointer that is null, leading to a potential crash or denial of service. The vulnerability can only be exploited by someone with local access to the system.
How can this vulnerability impact me? :
The impact of this vulnerability is limited to causing a denial of service by crashing the affected application due to null pointer dereference. Since the attack requires local access and does not affect confidentiality or integrity, the main risk is disruption of service or application stability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability does not impact confidentiality or integrity of data, only availability through potential denial of service. Therefore, it has minimal or no direct effect on compliance with standards like GDPR or HIPAA, which primarily focus on protecting data privacy and integrity.