Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-10996 (GCVE-0-2025-10996)
Vulnerability from cvelistv5 – Published: 2025-09-26 02:32 – Updated: 2025-09-26 19:27
VLAI
EPSS
Title
Open Babel smilesformat.cpp ParseSmiles heap-based overflow
Summary
A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325924 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.325924 | signaturepermissions-required |
| https://vuldb.com/?submit.654060 | third-party-advisory |
| https://github.com/openbabel/openbabel/issues/2831 | issue-tracking |
| https://github.com/user-attachments/files/2231855… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Open Babel |
Affected:
3.1.0
Affected: 3.1.1 |
Credits
ahuo (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10996",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T19:27:20.301294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T19:27:33.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Open Babel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ahuo (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in Open Babel up to 3.1.1 gefunden. Es ist betroffen die Funktion OBSmilesParser::ParseSmiles der Datei /src/formats/smilesformat.cpp. Durch Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T02:32:06.533Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325924 | Open Babel smilesformat.cpp ParseSmiles heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.325924"
},
{
"name": "VDB-325924 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325924"
},
{
"name": "Submit #654060 | Open Babel 3.1.1 / master commit 889c350 Heap-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.654060"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/openbabel/openbabel/issues/2831"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/user-attachments/files/22318556/poc.zip"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-25T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-25T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-25T20:10:18.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open Babel smilesformat.cpp ParseSmiles heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10996",
"datePublished": "2025-09-26T02:32:06.533Z",
"dateReserved": "2025-09-25T18:04:57.584Z",
"dateUpdated": "2025-09-26T19:27:33.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-10996",
"date": "2026-06-30",
"epss": "0.00224",
"percentile": "0.12918"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-10996\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2025-09-26T03:15:43.277\",\"lastModified\":\"2026-06-17T08:29:25.290\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.\"}],\"affected\":[{\"source\":\"cna@vuldb.com\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"Open Babel\",\"versions\":[{\"version\":\"3.1.0\",\"status\":\"affected\"},{\"version\":\"3.1.1\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":1.9,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":4.3,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-09-26T19:27:20.301294Z\",\"id\":\"CVE-2025-10996\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.1.1\",\"matchCriteriaId\":\"C1F53B5D-AE11-4406-B954-7BD33D2E4DE6\"}]}]}],\"references\":[{\"url\":\"https://github.com/openbabel/openbabel/issues/2831\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/user-attachments/files/22318556/poc.zip\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://vuldb.com/?ctiid.325924\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.325924\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.654060\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-10996\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-26T19:27:20.301294Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-26T19:27:26.527Z\"}}], \"cna\": {\"title\": \"Open Babel smilesformat.cpp ParseSmiles heap-based overflow\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"ahuo (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 4.3, \"vectorString\": \"AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Open Babel\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.1.0\"}, {\"status\": \"affected\", \"version\": \"3.1.1\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-09-25T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2025-09-25T02:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2025-09-25T20:10:18.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.325924\", \"name\": \"VDB-325924 | Open Babel smilesformat.cpp ParseSmiles heap-based overflow\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.325924\", \"name\": \"VDB-325924 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.654060\", \"name\": \"Submit #654060 | Open Babel 3.1.1 / master commit 889c350 Heap-based Buffer Overflow\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/openbabel/openbabel/issues/2831\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/user-attachments/files/22318556/poc.zip\", \"tags\": [\"exploit\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.\"}, {\"lang\": \"de\", \"value\": \"Eine Schwachstelle wurde in Open Babel up to 3.1.1 gefunden. Es ist betroffen die Funktion OBSmilesParser::ParseSmiles der Datei /src/formats/smilesformat.cpp. Durch Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Die Ausnutzung wurde ver\\u00f6ffentlicht und kann verwendet werden.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"Heap-based Buffer Overflow\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"Memory Corruption\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2025-09-26T02:32:06.533Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-10996\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-26T19:27:33.922Z\", \"dateReserved\": \"2025-09-25T18:04:57.584Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2025-09-26T02:32:06.533Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Уязвимость функции ChemKinFormat::CheckSpecies программного обеспечения преобразования форматов файлов химических веществ Open Babel, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции ChemKinFormat::CheckSpecies программного обеспечения преобразования форматов файлов химических веществ Open Babel связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity
Vendor
Сообщество свободного программного обеспечения, ООО «Ред Софт»
Software Name
Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Open Babel
Software Version
11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 13 (Debian GNU/Linux), до 3.1.1 (Open Babel)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для Open Babel:
https://github.com/openbabel/openbabel/issues/2831
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2025-10996
Reference
https://github.com/openbabel/openbabel/issues/2831
https://redos.red-soft.ru/support/secure/
https://security-tracker.debian.org/tracker/CVE-2025-10996
https://github.com/user-attachments/files/22318556/poc.zip
CWE
CWE-119, CWE-122
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 13 (Debian GNU/Linux), \u0434\u043e 3.1.1 (Open Babel)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Open Babel:\nhttps://github.com/openbabel/openbabel/issues/2831\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-10996",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "25.09.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.11.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "18.11.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-14408",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-10996",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Open Babel",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 13 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ChemKinFormat::CheckSpecies \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u043e\u0440\u043c\u0430\u0442\u043e\u0432 \u0444\u0430\u0439\u043b\u043e\u0432 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u0435\u0449\u0435\u0441\u0442\u0432 Open Babel, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119), \u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-122)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ChemKinFormat::CheckSpecies \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u043e\u0440\u043c\u0430\u0442\u043e\u0432 \u0444\u0430\u0439\u043b\u043e\u0432 \u0445\u0438\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u0435\u0449\u0435\u0441\u0442\u0432 Open Babel \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/openbabel/openbabel/issues/2831\nhttps://redos.red-soft.ru/support/secure/\nhttps://security-tracker.debian.org/tracker/CVE-2025-10996\nhttps://github.com/user-attachments/files/22318556/poc.zip",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119, CWE-122",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
FKIE_CVE-2025-10996
Vulnerability from fkie_nvd - Published: 2025-09-26 03:15 - Updated: 2026-06-17 08:29
Severity
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/openbabel/openbabel/issues/2831 | Exploit, Issue Tracking | |
| cna@vuldb.com | https://github.com/user-attachments/files/22318556/poc.zip | Exploit | |
| cna@vuldb.com | https://vuldb.com/?ctiid.325924 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.325924 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.654060 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openbabel | open_babel | * |
{
"affected": [
{
"affectedData": [
{
"product": "Open Babel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"source": "cna@vuldb.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F53B5D-AE11-4406-B954-7BD33D2E4DE6",
"versionEndIncluding": "3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used."
}
],
"id": "CVE-2025-10996",
"lastModified": "2026-06-17T08:29:25.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.9,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "PROOF_OF_CONCEPT",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2025-10996",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T19:27:20.301294Z",
"version": "2.0.3"
}
}
]
},
"published": "2025-09-26T03:15:43.277",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/openbabel/openbabel/issues/2831"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://github.com/user-attachments/files/22318556/poc.zip"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.325924"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.325924"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.654060"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
}
GHSA-9P6C-JCW8-X98F
Vulnerability from github – Published: 2025-09-26 03:31 – Updated: 2026-06-30 21:26
VLAI
Summary
Duplicate Advisory: Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
Details
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-j35x-w4gj-pf7w. This link is maintained to preserve external references.
Original Description
A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.
Severity
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "openbabel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-30T21:26:53Z",
"nvd_published_at": "2025-09-26T03:15:43Z",
"severity": "LOW"
},
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-j35x-w4gj-pf7w. This link is maintained to preserve external references.\n\n## Original Description\nA vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.",
"id": "GHSA-9p6c-jcw8-x98f",
"modified": "2026-06-30T21:26:53Z",
"published": "2025-09-26T03:31:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10996"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/issues/2831"
},
{
"type": "WEB",
"url": "https://github.com/user-attachments/files/22318556/poc.zip"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.325924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.325924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.654060"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Duplicate Advisory: Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles",
"withdrawn": "2026-06-30T21:26:53Z"
}
GHSA-J35X-W4GJ-PF7W
Vulnerability from github – Published: 2026-06-30 21:27 – Updated: 2026-06-30 21:27
VLAI
Summary
Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles
Details
Summary
A memory-safety vulnerability in Open Babel's SMILES parser caused a heap buffer overflow when reading a crafted input string.
Details
The flaw was in OBSmilesParser::ParseSmiles. A malformed SMILES
input caused the parser to write past the end of a heap-allocated
buffer.
Impact
Open Babel is a C++ library and CLI used to read and write chemistry
file formats; it is shipped by Linux distributions and embedded in
services that may parse untrusted input. Triggering this vulnerability
requires the victim to parse a malicious SMILES string with the
obabel tool, the OBConversion API, or any of the language
bindings (Python, Ruby, Java, R, Perl, C#, PHP). SMILES strings are
commonly passed on the command line and through scripted pipelines,
so this primitive is especially reachable.
Affected versions
All releases up to and including 3.1.1.
Patched version
3.2.0 (released 2026-05-26).
Patch
Fix commit: https://github.com/openbabel/openbabel/commit/b34cd604 Originally reported as #2831; fixes consolidated in #2913.
A minimized reproducer for this CVE is checked in under
test/files/fuzz_regress/ and is exercised on every CI build under
ASAN+UBSAN by the fuzzregresstest harness.
Credit
Reported via OSS-Fuzz.
Severity
7.8 (High)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "openbabel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-10996"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-30T21:27:29Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Summary\n\nA memory-safety vulnerability in Open Babel\u0027s SMILES parser caused a\nheap buffer overflow when reading a crafted input string.\n\n### Details\n\nThe flaw was in `OBSmilesParser::ParseSmiles`. A malformed SMILES\ninput caused the parser to write past the end of a heap-allocated\nbuffer.\n\n### Impact\n\nOpen Babel is a C++ library and CLI used to read and write chemistry\nfile formats; it is shipped by Linux distributions and embedded in\nservices that may parse untrusted input. Triggering this vulnerability\nrequires the victim to parse a malicious SMILES string with the\n`obabel` tool, the `OBConversion` API, or any of the language\nbindings (Python, Ruby, Java, R, Perl, C#, PHP). SMILES strings are\ncommonly passed on the command line and through scripted pipelines,\nso this primitive is especially reachable.\n\n### Affected versions\n\nAll releases up to and including 3.1.1.\n\n### Patched version\n\n3.2.0 (released 2026-05-26).\n\n### Patch\n\nFix commit: https://github.com/openbabel/openbabel/commit/b34cd604\nOriginally reported as #2831; fixes consolidated in #2913.\n\nA minimized reproducer for this CVE is checked in under\n`test/files/fuzz_regress/` and is exercised on every CI build under\nASAN+UBSAN by the `fuzzregresstest` harness.\n\n### Credit\n\nReported via OSS-Fuzz.",
"id": "GHSA-j35x-w4gj-pf7w",
"modified": "2026-06-30T21:27:29Z",
"published": "2026-06-30T21:27:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/security/advisories/GHSA-j35x-w4gj-pf7w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10996"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/issues/2831"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/pull/2913"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/commit/b34cd604"
},
{
"type": "PACKAGE",
"url": "https://github.com/openbabel/openbabel"
},
{
"type": "WEB",
"url": "https://github.com/user-attachments/files/22318556/poc.zip"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.325924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.325924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.654060"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Open Babel has heap buffer overflow in SMILES OBSmilesParser::ParseSmiles"
}
OPENSUSE-SU-2026:10936-1
Vulnerability from csaf_opensuse - Published: 2026-06-02 00:00 - Updated: 2026-06-02 00:00Summary
libopenbabel8-3.2.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libopenbabel8-3.2.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the libopenbabel8-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10936
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libopenbabel8-3.2.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libopenbabel8-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10936",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10936-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-37331 page",
"url": "https://www.suse.com/security/cve/CVE-2022-37331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43467 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46291 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46295 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2705 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2705/"
}
],
"title": "libopenbabel8-3.2.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-02T00:00:00Z",
"generator": {
"date": "2026-06-02T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10936-1",
"initial_release_date": "2026-06-02T00:00:00Z",
"revision_history": [
{
"date": "2026-06-02T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.aarch64",
"product": {
"name": "libopenbabel8-3.2.0-1.1.aarch64",
"product_id": "libopenbabel8-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-3.2.0-1.1.aarch64",
"product_id": "openbabel-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-devel-3.2.0-1.1.aarch64",
"product_id": "openbabel-devel-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-gui-3.2.0-1.1.aarch64",
"product_id": "openbabel-gui-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.aarch64",
"product": {
"name": "python3-openbabel-3.2.0-1.1.aarch64",
"product_id": "python3-openbabel-3.2.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.ppc64le",
"product": {
"name": "libopenbabel8-3.2.0-1.1.ppc64le",
"product_id": "libopenbabel8-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-3.2.0-1.1.ppc64le",
"product_id": "openbabel-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-devel-3.2.0-1.1.ppc64le",
"product_id": "openbabel-devel-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-gui-3.2.0-1.1.ppc64le",
"product_id": "openbabel-gui-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.ppc64le",
"product": {
"name": "python3-openbabel-3.2.0-1.1.ppc64le",
"product_id": "python3-openbabel-3.2.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.s390x",
"product": {
"name": "libopenbabel8-3.2.0-1.1.s390x",
"product_id": "libopenbabel8-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-3.2.0-1.1.s390x",
"product_id": "openbabel-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-devel-3.2.0-1.1.s390x",
"product_id": "openbabel-devel-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-gui-3.2.0-1.1.s390x",
"product_id": "openbabel-gui-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.s390x",
"product": {
"name": "python3-openbabel-3.2.0-1.1.s390x",
"product_id": "python3-openbabel-3.2.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.x86_64",
"product": {
"name": "libopenbabel8-3.2.0-1.1.x86_64",
"product_id": "libopenbabel8-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-3.2.0-1.1.x86_64",
"product_id": "openbabel-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-devel-3.2.0-1.1.x86_64",
"product_id": "openbabel-devel-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-gui-3.2.0-1.1.x86_64",
"product_id": "openbabel-gui-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.x86_64",
"product": {
"name": "python3-openbabel-3.2.0-1.1.x86_64",
"product_id": "python3-openbabel-3.2.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64"
},
"product_reference": "libopenbabel8-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le"
},
"product_reference": "libopenbabel8-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x"
},
"product_reference": "libopenbabel8-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64"
},
"product_reference": "libopenbabel8-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-devel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-devel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-devel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-devel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-gui-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-gui-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-gui-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-gui-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64"
},
"product_reference": "python3-openbabel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le"
},
"product_reference": "python3-openbabel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x"
},
"product_reference": "python3-openbabel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
},
"product_reference": "python3-openbabel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-37331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-37331"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-37331",
"url": "https://www.suse.com/security/cve/CVE-2022-37331"
},
{
"category": "external",
"summary": "SUSE Bug 1217676 for CVE-2022-37331",
"url": "https://bugzilla.suse.com/1217676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-37331"
},
{
"cve": "CVE-2022-43467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43467"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability exists in the PQS format coord_file functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43467",
"url": "https://www.suse.com/security/cve/CVE-2022-43467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-43467"
},
{
"cve": "CVE-2022-46280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46280"
}
],
"notes": [
{
"category": "general",
"text": "A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46280",
"url": "https://www.suse.com/security/cve/CVE-2022-46280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46280"
},
{
"cve": "CVE-2022-46291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46291"
}
],
"notes": [
{
"category": "general",
"text": "Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MSI file format",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46291",
"url": "https://www.suse.com/security/cve/CVE-2022-46291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46291"
},
{
"cve": "CVE-2022-46295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46295"
}
],
"notes": [
{
"category": "general",
"text": "Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the Gaussian file format",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46295",
"url": "https://www.suse.com/security/cve/CVE-2022-46295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46295"
},
{
"cve": "CVE-2025-10996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10996"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10996",
"url": "https://www.suse.com/security/cve/CVE-2025-10996"
},
{
"category": "external",
"summary": "SUSE Bug 1250544 for CVE-2025-10996",
"url": "https://bugzilla.suse.com/1250544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-10996"
},
{
"cve": "CVE-2025-10999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10999"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public and could be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10999",
"url": "https://www.suse.com/security/cve/CVE-2025-10999"
},
{
"category": "external",
"summary": "SUSE Bug 1250547 for CVE-2025-10999",
"url": "https://bugzilla.suse.com/1250547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-10999"
},
{
"cve": "CVE-2026-2705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2705"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2705",
"url": "https://www.suse.com/security/cve/CVE-2026-2705"
},
{
"category": "external",
"summary": "SUSE Bug 1258507 for CVE-2026-2705",
"url": "https://bugzilla.suse.com/1258507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-2705"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…