Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-2705 (GCVE-0-2026-2705)
Vulnerability from cvelistv5 – Published: 2026-02-19 05:02 – Updated: 2026-03-03 17:20 X_Open Source
VLAI
EPSS
Title
Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds
Summary
A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.346651 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.346651 | signaturepermissions-required |
| https://vuldb.com/?submit.754379 | third-party-advisory |
| https://github.com/openbabel/openbabel/issues/2848 | issue-tracking |
| https://github.com/openbabel/openbabel/pull/2862 | issue-trackingpatch |
| https://github.com/oneafter/0128/blob/main/ob2/re… | exploit |
| https://github.com/VedantMadane/openbabel/commit/… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Open Babel |
Affected:
3.1.0
Affected: 3.1.1 |
Credits
Oneafter (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2705",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T18:45:13.326320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T17:20:24.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"MOL2 File Handler"
],
"product": "Open Babel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Oneafter (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-Bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-01T07:07:44.790Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-346651 | Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.346651"
},
{
"name": "VDB-346651 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.346651"
},
{
"name": "Submit #754379 | openbabel master-branch NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.754379"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/openbabel/openbabel/issues/2848"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/openbabel/openbabel/pull/2862"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/oneafter/0128/blob/main/ob2/repro.mol2"
},
{
"tags": [
"patch"
],
"url": "https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-02-18T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-02-18T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-01T08:12:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-2705",
"datePublished": "2026-02-19T05:02:07.101Z",
"dateReserved": "2026-02-18T18:05:04.203Z",
"dateUpdated": "2026-03-03T17:20:24.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-2705",
"date": "2026-06-30",
"epss": "0.007",
"percentile": "0.48509"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-2705\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2026-02-19T07:17:49.990\",\"lastModified\":\"2026-06-17T10:31:34.540\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en Open Babel hasta la versi\u00f3n 3.1.1. La cual afecta a la funci\u00f3n OBAtom::SetFormalCharge en la librer\u00eda include/openbabel/atom.h del componente Gestor de Archivos MOL2. Si se manipula se puede provocar una lectura fuera de l\u00edmites. Es posible lanzar el ataque de forma remota. El exploit es ahora p\u00fablico y puede ser utilizado. Se inform\u00f3 al proyecto con anterioridad a trav\u00e9s de un informe de incidencias, pero a\u00fan no ha respondido.\"}],\"affected\":[{\"source\":\"cna@vuldb.com\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"Open Babel\",\"modules\":[\"MOL2 File Handler\"],\"versions\":[{\"version\":\"3.1.0\",\"status\":\"affected\"},{\"version\":\"3.1.1\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":2.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-02-23T18:45:13.326320Z\",\"id\":\"CVE-2026-2705\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.1.1\",\"matchCriteriaId\":\"C1F53B5D-AE11-4406-B954-7BD33D2E4DE6\"}]}]}],\"references\":[{\"url\":\"https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://github.com/oneafter/0128/blob/main/ob2/repro.mol2\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/openbabel/openbabel/issues/2848\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/openbabel/openbabel/pull/2862\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?ctiid.346651\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.346651\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.754379\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-2705\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-23T18:45:13.326320Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-23T18:45:31.110Z\"}}], \"cna\": {\"tags\": [\"x_open-source\"], \"title\": \"Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Oneafter (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 5, \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C\"}}], \"affected\": [{\"vendor\": \"n/a\", \"modules\": [\"MOL2 File Handler\"], \"product\": \"Open Babel\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.1.0\"}, {\"status\": \"affected\", \"version\": \"3.1.1\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-02-18T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2026-02-18T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2026-03-01T08:12:04.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.346651\", \"name\": \"VDB-346651 | Open Babel MOL2 File atom.h SetFormalCharge out-of-bounds\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.346651\", \"name\": \"VDB-346651 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.754379\", \"name\": \"Submit #754379 | openbabel master-branch NULL Pointer Dereference\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/openbabel/openbabel/issues/2848\", \"tags\": [\"issue-tracking\"]}, {\"url\": \"https://github.com/openbabel/openbabel/pull/2862\", \"tags\": [\"issue-tracking\", \"patch\"]}, {\"url\": \"https://github.com/oneafter/0128/blob/main/ob2/repro.mol2\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a\", \"tags\": [\"patch\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"Out-of-Bounds Read\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"Memory Corruption\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2026-03-01T07:07:44.790Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-2705\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-03T17:20:24.065Z\", \"dateReserved\": \"2026-02-18T18:05:04.203Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2026-02-19T05:02:07.101Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-2705
Vulnerability from fkie_nvd - Published: 2026-02-19 07:17 - Updated: 2026-06-17 10:31
Severity
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Summary
A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a | ||
| cna@vuldb.com | https://github.com/oneafter/0128/blob/main/ob2/repro.mol2 | Exploit | |
| cna@vuldb.com | https://github.com/openbabel/openbabel/issues/2848 | Exploit, Issue Tracking | |
| cna@vuldb.com | https://github.com/openbabel/openbabel/pull/2862 | ||
| cna@vuldb.com | https://vuldb.com/?ctiid.346651 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.346651 | Third Party Advisory, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.754379 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openbabel | open_babel | * |
{
"affected": [
{
"affectedData": [
{
"modules": [
"MOL2 File Handler"
],
"product": "Open Babel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"source": "cna@vuldb.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F53B5D-AE11-4406-B954-7BD33D2E4DE6",
"versionEndIncluding": "3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Open Babel hasta la versi\u00f3n 3.1.1. La cual afecta a la funci\u00f3n OBAtom::SetFormalCharge en la librer\u00eda include/openbabel/atom.h del componente Gestor de Archivos MOL2. Si se manipula se puede provocar una lectura fuera de l\u00edmites. Es posible lanzar el ataque de forma remota. El exploit es ahora p\u00fablico y puede ser utilizado. Se inform\u00f3 al proyecto con anterioridad a trav\u00e9s de un informe de incidencias, pero a\u00fan no ha respondido."
}
],
"id": "CVE-2026-2705",
"lastModified": "2026-06-17T10:31:34.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "PROOF_OF_CONCEPT",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-2705",
"options": [
{
"exploitation": "poc"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-23T18:45:13.326320Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-02-19T07:17:49.990",
"references": [
{
"source": "cna@vuldb.com",
"url": "https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://github.com/oneafter/0128/blob/main/ob2/repro.mol2"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/openbabel/openbabel/issues/2848"
},
{
"source": "cna@vuldb.com",
"url": "https://github.com/openbabel/openbabel/pull/2862"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.346651"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?id.346651"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.754379"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
}
GHSA-3F56-W4G2-MX64
Vulnerability from github – Published: 2026-02-19 18:31 – Updated: 2026-06-30 18:46
VLAI
Summary
Duplicate Advisory: Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge
Details
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-4w5w-4fhm-q483. This link is maintained to preserve external references.
Original Description
A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Severity
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "openbabel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-30T18:46:53Z",
"nvd_published_at": "2026-02-19T07:17:49Z",
"severity": "LOW"
},
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-4w5w-4fhm-q483. This link is maintained to preserve external references.\n\n## Original Description\nA vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
"id": "GHSA-3f56-w4g2-mx64",
"modified": "2026-06-30T18:46:54Z",
"published": "2026-02-19T18:31:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2705"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/issues/2848"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/pull/2862"
},
{
"type": "WEB",
"url": "https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"
},
{
"type": "WEB",
"url": "https://github.com/oneafter/0128/blob/main/ob2/repro.mol2"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.346651"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.346651"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.754379"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "Duplicate Advisory: Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge",
"withdrawn": "2026-06-30T18:46:53Z"
}
GHSA-4W5W-4FHM-Q483
Vulnerability from github – Published: 2026-06-30 18:47 – Updated: 2026-06-30 18:47
VLAI
Summary
Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge
Details
Summary
A memory-safety vulnerability in Open Babel's MOL2 file format parser caused a NULL pointer dereference when reading a crafted input file.
Details
The flaw was in OBAtom::SetFormalCharge as called from the MOL2
parser. A malformed atom record caused the parser to call the method
on a NULL atom pointer.
Impact
Open Babel is a C++ library and CLI used to read and write chemistry
file formats; it is shipped by Linux distributions and embedded in
services that may parse untrusted input. Triggering this vulnerability
requires the victim to open a malicious MOL2 file with the obabel
tool, the OBConversion API, or any of the language bindings (Python,
Ruby, Java, R, Perl, C#, PHP).
Affected versions
All releases up to and including 3.1.1.
Patched version
3.2.0 (released 2026-05-26).
Patch
Fix commit: https://github.com/openbabel/openbabel/commit/e23a224b Tracked in #2862.
A minimized reproducer for this CVE is checked in under
test/files/fuzz_regress/ and is exercised on every CI build under
ASAN+UBSAN by the fuzzregresstest harness.
Credit
Reported by Vedant Madane (@VedantMadane) via VulDB.
Severity
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "openbabel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-2705"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-30T18:47:00Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "### Summary\n\nA memory-safety vulnerability in Open Babel\u0027s MOL2 file format parser\ncaused a NULL pointer dereference when reading a crafted input file.\n\n### Details\n\nThe flaw was in `OBAtom::SetFormalCharge` as called from the MOL2\nparser. A malformed atom record caused the parser to call the method\non a NULL atom pointer.\n\n### Impact\n\nOpen Babel is a C++ library and CLI used to read and write chemistry\nfile formats; it is shipped by Linux distributions and embedded in\nservices that may parse untrusted input. Triggering this vulnerability\nrequires the victim to open a malicious MOL2 file with the `obabel`\ntool, the `OBConversion` API, or any of the language bindings (Python,\nRuby, Java, R, Perl, C#, PHP).\n\n### Affected versions\n\nAll releases up to and including 3.1.1.\n\n### Patched version\n\n3.2.0 (released 2026-05-26).\n\n### Patch\n\nFix commit: https://github.com/openbabel/openbabel/commit/e23a224b\nTracked in #2862.\n\nA minimized reproducer for this CVE is checked in under\n`test/files/fuzz_regress/` and is exercised on every CI build under\nASAN+UBSAN by the `fuzzregresstest` harness.\n\n### Credit\n\nReported by Vedant Madane (@VedantMadane) via VulDB.",
"id": "GHSA-4w5w-4fhm-q483",
"modified": "2026-06-30T18:47:01Z",
"published": "2026-06-30T18:47:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/security/advisories/GHSA-4w5w-4fhm-q483"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2705"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/issues/2848"
},
{
"type": "WEB",
"url": "https://github.com/openbabel/openbabel/pull/2862"
},
{
"type": "WEB",
"url": "https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"
},
{
"type": "WEB",
"url": "https://github.com/oneafter/0128/blob/main/ob2/repro.mol2"
},
{
"type": "PACKAGE",
"url": "https://github.com/openbabel/openbabel"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.346651"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.346651"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.754379"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge"
}
OPENSUSE-SU-2026:10936-1
Vulnerability from csaf_opensuse - Published: 2026-06-02 00:00 - Updated: 2026-06-02 00:00Summary
libopenbabel8-3.2.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libopenbabel8-3.2.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the libopenbabel8-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10936
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libopenbabel8-3.2.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libopenbabel8-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10936",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10936-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-37331 page",
"url": "https://www.suse.com/security/cve/CVE-2022-37331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43467 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46280 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46280/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46291 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-46295 page",
"url": "https://www.suse.com/security/cve/CVE-2022-46295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2705 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2705/"
}
],
"title": "libopenbabel8-3.2.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-02T00:00:00Z",
"generator": {
"date": "2026-06-02T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10936-1",
"initial_release_date": "2026-06-02T00:00:00Z",
"revision_history": [
{
"date": "2026-06-02T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.aarch64",
"product": {
"name": "libopenbabel8-3.2.0-1.1.aarch64",
"product_id": "libopenbabel8-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-3.2.0-1.1.aarch64",
"product_id": "openbabel-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-devel-3.2.0-1.1.aarch64",
"product_id": "openbabel-devel-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.aarch64",
"product": {
"name": "openbabel-gui-3.2.0-1.1.aarch64",
"product_id": "openbabel-gui-3.2.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.aarch64",
"product": {
"name": "python3-openbabel-3.2.0-1.1.aarch64",
"product_id": "python3-openbabel-3.2.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.ppc64le",
"product": {
"name": "libopenbabel8-3.2.0-1.1.ppc64le",
"product_id": "libopenbabel8-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-3.2.0-1.1.ppc64le",
"product_id": "openbabel-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-devel-3.2.0-1.1.ppc64le",
"product_id": "openbabel-devel-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.ppc64le",
"product": {
"name": "openbabel-gui-3.2.0-1.1.ppc64le",
"product_id": "openbabel-gui-3.2.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.ppc64le",
"product": {
"name": "python3-openbabel-3.2.0-1.1.ppc64le",
"product_id": "python3-openbabel-3.2.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.s390x",
"product": {
"name": "libopenbabel8-3.2.0-1.1.s390x",
"product_id": "libopenbabel8-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-3.2.0-1.1.s390x",
"product_id": "openbabel-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-devel-3.2.0-1.1.s390x",
"product_id": "openbabel-devel-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.s390x",
"product": {
"name": "openbabel-gui-3.2.0-1.1.s390x",
"product_id": "openbabel-gui-3.2.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.s390x",
"product": {
"name": "python3-openbabel-3.2.0-1.1.s390x",
"product_id": "python3-openbabel-3.2.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libopenbabel8-3.2.0-1.1.x86_64",
"product": {
"name": "libopenbabel8-3.2.0-1.1.x86_64",
"product_id": "libopenbabel8-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-3.2.0-1.1.x86_64",
"product_id": "openbabel-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-devel-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-devel-3.2.0-1.1.x86_64",
"product_id": "openbabel-devel-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "openbabel-gui-3.2.0-1.1.x86_64",
"product": {
"name": "openbabel-gui-3.2.0-1.1.x86_64",
"product_id": "openbabel-gui-3.2.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-openbabel-3.2.0-1.1.x86_64",
"product": {
"name": "python3-openbabel-3.2.0-1.1.x86_64",
"product_id": "python3-openbabel-3.2.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64"
},
"product_reference": "libopenbabel8-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le"
},
"product_reference": "libopenbabel8-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x"
},
"product_reference": "libopenbabel8-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libopenbabel8-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64"
},
"product_reference": "libopenbabel8-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-devel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-devel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-devel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-devel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-devel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64"
},
"product_reference": "openbabel-gui-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le"
},
"product_reference": "openbabel-gui-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x"
},
"product_reference": "openbabel-gui-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openbabel-gui-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64"
},
"product_reference": "openbabel-gui-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64"
},
"product_reference": "python3-openbabel-3.2.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le"
},
"product_reference": "python3-openbabel-3.2.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x"
},
"product_reference": "python3-openbabel-3.2.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-openbabel-3.2.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
},
"product_reference": "python3-openbabel-3.2.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-37331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-37331"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-37331",
"url": "https://www.suse.com/security/cve/CVE-2022-37331"
},
{
"category": "external",
"summary": "SUSE Bug 1217676 for CVE-2022-37331",
"url": "https://bugzilla.suse.com/1217676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-37331"
},
{
"cve": "CVE-2022-43467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43467"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds write vulnerability exists in the PQS format coord_file functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43467",
"url": "https://www.suse.com/security/cve/CVE-2022-43467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-43467"
},
{
"cve": "CVE-2022-46280",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46280"
}
],
"notes": [
{
"category": "general",
"text": "A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46280",
"url": "https://www.suse.com/security/cve/CVE-2022-46280"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46280"
},
{
"cve": "CVE-2022-46291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46291"
}
],
"notes": [
{
"category": "general",
"text": "Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MSI file format",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46291",
"url": "https://www.suse.com/security/cve/CVE-2022-46291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46291"
},
{
"cve": "CVE-2022-46295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-46295"
}
],
"notes": [
{
"category": "general",
"text": "Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the Gaussian file format",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-46295",
"url": "https://www.suse.com/security/cve/CVE-2022-46295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-46295"
},
{
"cve": "CVE-2025-10996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10996"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10996",
"url": "https://www.suse.com/security/cve/CVE-2025-10996"
},
{
"category": "external",
"summary": "SUSE Bug 1250544 for CVE-2025-10996",
"url": "https://bugzilla.suse.com/1250544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-10996"
},
{
"cve": "CVE-2025-10999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10999"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public and could be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10999",
"url": "https://www.suse.com/security/cve/CVE-2025-10999"
},
{
"category": "external",
"summary": "SUSE Bug 1250547 for CVE-2025-10999",
"url": "https://bugzilla.suse.com/1250547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-10999"
},
{
"cve": "CVE-2026-2705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2705"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2705",
"url": "https://www.suse.com/security/cve/CVE-2026-2705"
},
{
"category": "external",
"summary": "SUSE Bug 1258507 for CVE-2026-2705",
"url": "https://bugzilla.suse.com/1258507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:libopenbabel8-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-devel-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:openbabel-gui-3.2.0-1.1.x86_64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.aarch64",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.ppc64le",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.s390x",
"openSUSE Tumbleweed:python3-openbabel-3.2.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-02T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-2705"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…