CVE-2026-2705
Awaiting Analysis Awaiting Analysis - Queue
Out-of-Bounds Read in Open Babel MOL2 Handler Enables Remote Attack

Publication date: 2026-02-19

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-19
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-02-19
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2705
EUVD
EUVD-2026-7561
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openbabel open_babel to 3.1.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-2705 is a vulnerability in Open Babel versions up to 3.1.1, specifically in the MOL2 File Handler component within the function OBAtom::SetFormalCharge. The issue arises when parsing malformed MOL2 files, where the code does not properly validate pointers before use, leading to a NULL pointer dereference or out-of-bounds read.

This vulnerability causes the program to perform an out-of-bounds memory access or a segmentation fault due to dereferencing a NULL pointer, which can crash the application. The problem occurs because the function attempts to set the formal charge on an atom pointer that may be NULL due to invalid or mismatched atom data in the input file.

The vulnerability can be triggered remotely by supplying a crafted MOL2 file, and an exploit is publicly available demonstrating how to cause the crash.

Impact Analysis

This vulnerability can lead to application crashes (segmentation faults) when processing malformed MOL2 files, resulting in denial of service or instability of the Open Babel software.

Since the attack can be launched remotely without authentication, it poses a risk of disrupting services or workflows that rely on Open Babel for molecular file processing.

The impact primarily affects software availability, potentially causing interruptions in automated or user-driven chemical data processing tasks.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by attempting to process malformed MOL2 files with the Open Babel tool and observing if a crash or segmentation fault occurs.

A practical detection method involves building Open Babel with AddressSanitizer (ASan) enabled and running the obabel command-line tool to convert a crafted malformed MOL2 file, such as the repro.mol2 file available in the public exploit repository.

Example command to reproduce the crash (assuming Open Babel is built with ASan):

  • obabel repro.mol2 -O output.sdf

If the tool crashes with a segmentation fault related to OBAtom::SetFormalCharge, it indicates the presence of the vulnerability.

Mitigation Strategies

Currently, there is no official patch or response from the Open Babel project to address this vulnerability.

Immediate mitigation steps include:

  • Avoid processing untrusted or malformed MOL2 files with Open Babel versions up to 3.1.1.
  • Consider replacing or upgrading the affected component with an alternative product or a future patched version once available.
  • Implement input validation or filtering to prevent malformed MOL2 files from being processed.

These steps help reduce the risk of exploitation leading to crashes or denial of service.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2705. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart