CVE-2026-42476
Awaiting Analysis Awaiting Analysis - Queue
Heap-based Out-of-Bounds Reads in Open CASCADE Technology

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: MITRE

Description
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before strncasecmp or direct byte access. User-assisted attackers can trigger these issues by persuading a victim to open a crafted STL file with extremely short lines, resulting in a denial of service or possible information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-42476
EUVD
EUVD-2026-26599
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
opencascade open_cascade_technology to 7.9.3 (inc)
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can be triggered by a user opening a maliciously crafted STL file. The impacts include denial of service (DoS), where the application may crash or become unstable due to the out-of-bounds memory access.

Additionally, there is a possibility of information disclosure, where sensitive data from adjacent memory could be read unintentionally due to the out-of-bounds read.

Executive Summary

CVE-2026-42476 is a memory safety vulnerability in Open CASCADE Technology (OCCT) related to its STL ASCII file parser. Specifically, it involves two heap-based out-of-bounds read issues in the function RWStl_Reader::ReadAscii. The problem arises because buffers returned by the ReadLine function are not properly checked for their length before being used in string comparison or direct byte access operations.

An attacker can exploit this by crafting an STL file with extremely short lines that cause the ReadLine function to return very small buffers (1-3 bytes). Since the code does not validate the length of these buffers before parsing, it can read beyond the allocated memory, leading to out-of-bounds reads.

Detection Guidance

This vulnerability can be detected by using AddressSanitizer (ASAN) or similar memory safety tools to monitor for out-of-bounds reads when processing STL files with the affected Open CASCADE Technology (OCCT) versions.

Specifically, running the OCCT STL ASCII file parser on crafted STL files that contain extremely short lines (1-3 bytes) can trigger the vulnerability and cause ASAN to detect the out-of-bounds read.

A suggested approach is to use a proof-of-concept STL file known to trigger the issue and run the OCCT tool under ASAN or another memory error detector to observe any memory violations.

  • Use AddressSanitizer (ASAN) to run the OCCT STL parser: compile OCCT with ASAN enabled and process suspicious STL files.
  • Monitor logs or error outputs for out-of-bounds read errors during file parsing.
Mitigation Strategies

Immediate mitigation involves validating the length of buffers returned by the ReadLine function before any parsing or memory access operations.

Until a patched version of OCCT is applied, avoid opening or processing untrusted or suspicious STL files that may contain extremely short lines designed to trigger the vulnerability.

Applying updates or patches that include the fixβ€”validating the ReadLine return length before proceedingβ€”is the recommended long-term solution.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42476. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart