216.73.217.50

CVE-2026-42478

· Published 01/05/2026 15:16 · Modified 01/05/2026 19:16

Labels: CVE-2026-42478 2026-05-01CVE-2026-42478CWE-125CWE-476[email protected]

Essential information

Published
01/05/2026 15:16
Modified
01/05/2026 19:16
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointer during shape construction in libTKDEVRML.so.

NVD status

Status
Modified — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:*:*:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:beta1:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc1:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc2:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc3:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc4:*:*:*:*:*:*
opencascade / open cascade technology cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc5:*:*:*:*:*:*

References