CVE-2026-2704 | Open Babel up to 3.1.1 CIF File src/math/transform3d.cpp DescribeAsString out-of-bounds (Issue 2848)

A vulnerability identified as critical has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read.

This vulnerability is traded as CVE-2026-2704. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-2704 | Open Babel up to 3.1.1 CIF File src/math/transform3d.cpp DescribeAsString out-of-bounds (Issue 2848)

Post correlati

CVE-2024-25201 | Espruino 2v20 src/jsvar.c jsvStringIteratorPrintfCallback out-of-bounds

CVE-2022-48618 | Apple tvOS improper authentication

CVE-2025-37891 | Linux Kernel up to 6.6.89/6.12.27/6.14.5/6.15-rc4 ALSA do_convert_to_ump buffer overflow

CVE-2024-27764 | Jeewms up to 3.7 AuthInterceptor Privilege Escalation