{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/pip/openbabel--3.2.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.3,"id":"CVE-2025-10997"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Open Babel (\u003c 3.2.0)","pip/openbabel (\u003c 3.2.0)"],"_cs_severities":["high"],"_cs_tags":["chemistry","vulnerability","buffer-overflow","memory-corruption","cve"],"_cs_type":"advisory","_cs_vendors":["Open Babel"],"content_html":"\u003cp\u003eA memory-safety vulnerability, identified as CVE-2025-10997, has been discovered in Open Babel, a widely used C++ library and command-line tool for chemistry file format conversion. This flaw, reported via OSS-Fuzz, specifically exists within the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function of the ChemKin parser. Attackers can exploit this vulnerability by crafting a malicious ChemKin file that, when processed by a victim using Open Babel components (such as the \u003ccode\u003eobabel\u003c/code\u003e tool, the \u003ccode\u003eOBConversion\u003c/code\u003e API, or its language bindings), causes a heap buffer overflow. This leads to memory corruption, potentially resulting in application crashes (Denial of Service) or, under certain conditions, arbitrary code execution. All Open Babel releases up to and including version 3.1.1 are affected; the vulnerability was patched in version 3.2.0, released on 2026-05-26.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious ChemKin file specifically designed to contain malformed species records, triggering the heap buffer overflow in \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe malicious ChemKin file is delivered to the victim, typically via social engineering (e.g., email attachment), malicious download link, or embedding within a seemingly legitimate data set.\u003c/li\u003e\n\u003cli\u003eThe victim interacts with the malicious file, causing it to be processed by an Open Babel component, such as the \u003ccode\u003eobabel\u003c/code\u003e command-line tool, the \u003ccode\u003eOBConversion\u003c/code\u003e API, or one of its language bindings (Python, Ruby, Java, etc.).\u003c/li\u003e\n\u003cli\u003eOpen Babel's internal parser, specifically within the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function, attempts to process the malformed species record from the crafted file.\u003c/li\u003e\n\u003cli\u003eDue to the malformed data, the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function attempts to write data beyond the allocated bounds of a heap-allocated buffer.\u003c/li\u003e\n\u003cli\u003eThis heap buffer overflow corrupts memory, leading to an application crash (Denial of Service) or, under specific conditions, allows for arbitrary code execution on the victim's system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-10997 can lead to severe consequences for systems processing untrusted ChemKin files with affected versions of Open Babel. The primary impact includes denial of service, as the application processing the malicious file will likely crash due to memory corruption. More critically, sophisticated exploitation could lead to arbitrary code execution, granting attackers control over the compromised system. Open Babel is widely integrated, being shipped by Linux distributions and embedded in various services that parse chemical file formats. Organizations using Open Babel in such contexts, especially those handling external or untrusted data, are at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2025-10997 by upgrading all instances of Open Babel and its language bindings to version 3.2.0 or later immediately.\u003c/li\u003e\n\u003cli\u003eImplement strict input validation and sanitization for all ChemKin files processed by applications utilizing Open Babel components to mitigate risks from specially crafted inputs.\u003c/li\u003e\n\u003cli\u003eMonitor systems that utilize Open Babel for unexpected application crashes or unusual process behavior that could indicate attempted exploitation.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T13:01:12Z","date_published":"2026-07-03T13:01:12Z","id":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-heap-overflow/","summary":"A heap buffer overflow vulnerability (CVE-2025-10997) in Open Babel's ChemKin parser allows an attacker to achieve memory corruption when a victim processes a specially crafted ChemKin file, potentially leading to denial of service or arbitrary code execution.","title":"Open Babel Heap Buffer Overflow in ChemKin Parser (CVE-2025-10997)","url":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-heap-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed - Pip/Openbabel (\u003c 3.2.0)","version":"https://jsonfeed.org/version/1.1"}