{"id":"CVE-2026-2705","details":"A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.","aliases":["GHSA-4w5w-4fhm-q483"],"modified":"2026-07-03T18:29:30.047092588Z","published":"2026-02-19T07:17:49.990Z","related":["openSUSE-SU-2026:10936-1","openSUSE-SU-2026:21190-1"],"references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.346651"},{"type":"ADVISORY","url":"https://vuldb.com/?submit.754379"},{"type":"REPORT","url":"https://github.com/openbabel/openbabel/issues/2848"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.346651"},{"type":"FIX","url":"https://github.com/openbabel/openbabel/pull/2862"},{"type":"FIX","url":"https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"},{"type":"EVIDENCE","url":"https://github.com/oneafter/0128/blob/main/ob2/repro.mol2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/VedantMadane/openbabel","events":[{"introduced":"0"},{"last_affected":"cbd4db43f8908b874864280fdc03bf92569eebc1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.1.1"}]}},{"type":"GIT","repo":"https://github.com/vedantmadane/openbabel","events":[{"introduced":"0"},{"fixed":"e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a"}]}],"versions":["openbabel-3-0-0","openbabel-3-0-0a1","openbabel-3-0-0a2","openbabel-3-1-0","openbabel-3-1-1"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","id":"CVE-2026-2705-01bc6dd8","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","signature_version":"v1","digest":{"length":8741,"function_hash":"30010962304116138080607436319469699538"},"target":{"file":"src/formats/mol2format.cpp","function":"MOL2Format::ReadMolecule"}},{"signature_type":"Line","id":"CVE-2026-2705-0f76489d","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["217684272962877016414138833642465327871","281597259995795846860484565484922236444","67944802873645976870685274386029446693","284286721701357702013437237273380090033","242538309816058351042879703787182903972"]},"target":{"file":"src/formats/xml/cdxmlformat.cpp"}},{"signature_type":"Function","id":"CVE-2026-2705-33bca003","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","digest":{"length":1251,"function_hash":"119405193706058877749533351361322555021"},"signature_version":"v1","target":{"file":"src/math/transform3d.cpp","function":"transform3d::DescribeAsString"}},{"signature_type":"Line","id":"CVE-2026-2705-a7c7b4f1","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","digest":{"threshold":0.9,"line_hashes":["74714072063425806463116978712476486227","26720173946644870887389989496423085704","17720890902694951893861370958398576869","241071117686927028701713811667404671016","310400835440742988261621149033241726729","223347280846511975360235714746911352592","113071542473268934638868109943538653392"]},"signature_version":"v1","target":{"file":"src/formats/mol2format.cpp"}},{"signature_type":"Line","id":"CVE-2026-2705-b63644bb","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","digest":{"threshold":0.9,"line_hashes":["126791517391950924350933049496851609362","273447677231502680745093624288136141499","122020157048298215120106090724374946668","106789864566273743879341108317849902974","40275149034654090481755797826856792854"]},"signature_version":"v1","target":{"file":"src/math/transform3d.cpp"}},{"signature_type":"Function","id":"CVE-2026-2705-f94e2ea9","deprecated":false,"source":"https://github.com/vedantmadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a","signature_version":"v1","digest":{"length":650,"function_hash":"76514931888117891657624299142639965215"},"target":{"file":"src/formats/xml/cdxmlformat.cpp","function":"ChemDrawXMLFormat::EndElement"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-2705.json","vanir_signatures_modified":"2026-04-12T20:21:43Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}