CVE-2026-42481
Analyzed Analyzed - Analysis Complete
Out-of-Bounds Read and Infinite Recursion in Open CASCADE Technology

Publication date: 2026-05-01

Last updated on: 2026-06-01

Assigner: MITRE

Description
Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in MakeBSplineCurveCommon during STEP B-spline curve construction, and infinite recursion in StepShape_OrientedEdge::EdgeStart when processing a self-referential OrientedEdge entity. Successful exploitation may result in denial of service or unintended memory disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-06-01
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-42481
EUVD
EUVD-2026-26678
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
opencascade open_cascade_technology to 7.9.3 (inc)
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
opencascade open_cascade_technology 8.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how the vulnerability in Open CASCADE Technology (OCCT) V8_0_0_rc5 affects compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

The vulnerability in Open CASCADE Technology (OCCT) V8_0_0_rc5 involves out-of-bounds reads and infinite recursion triggered by crafted IGES or STEP files. Detection can be approached by analyzing the processing of these file types for abnormal behavior such as crashes or memory errors.

One practical method is to use AddressSanitizer (ASAN) or similar memory error detection tools when processing IGES or STEP files with OCCT. ASAN can detect out-of-bounds reads consistently, as demonstrated in related vulnerabilities.

Suggested commands include running OCCT file parsing under ASAN instrumentation, for example:

  • Compile OCCT with ASAN enabled: `clang -fsanitize=address -g -o occt_parser your_occt_source_files`
  • Run the parser on suspicious or crafted IGES/STEP files: `./occt_parser suspicious_file.iges` or `./occt_parser suspicious_file.step`

Monitoring for crashes, infinite recursion, or memory errors during these tests can help detect the vulnerability.

Mitigation Strategies

Immediate mitigation steps include avoiding the processing of untrusted or crafted IGES and STEP files with vulnerable versions of OCCT (V8_0_0_rc5).

If possible, update OCCT to a version where these vulnerabilities are fixed or apply patches that validate input lengths and prevent out-of-bounds reads and infinite recursion.

Additionally, running OCCT under memory safety tools like AddressSanitizer during development or testing can help identify and prevent exploitation.

Executive Summary

This vulnerability affects Open CASCADE Technology (OCCT) version V8_0_0_rc5 and involves multiple security issues in its IGES and STEP file parsers. Specifically, crafted IGES or STEP files can trigger out-of-bounds reads during B-spline curve evaluation and construction, as well as cause infinite recursion when processing certain self-referential entities. These flaws arise in functions like Geom2d_BSplineCurve::EvalD0, MakeBSplineCurveCommon, and StepShape_OrientedEdge::EdgeStart.

Impact Analysis

Exploiting these vulnerabilities can lead to denial of service conditions, where the affected software may crash or become unresponsive. Additionally, there is a risk of unintended memory disclosure, which could potentially expose sensitive information from the system's memory.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-42481. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart