CVE-2025-10999 MEDIUM

CVE-2025-10999: Open Babel cacaoformat.cpp SetHilderbrandt null pointer dereference

Vendor N/A
Product Open Babel
Weakness CWE-476
Published September 26, 2025
Last update September 26, 2025

CVSS base score

4.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public and could be used.

Key dates

02Disclosure timeline

September 26, 2025 CVE published
September 26, 2025 Record updated