CVE-2026-2705

A vulnerability was detected in Open Babel up to 3.1.1. The impacted element is the function OBAtom::SetFormalCharge in the library include/openbabel/atom.h of the component MOL2 File Handler. The manipulation results in out-of-bounds read. It is possible to launch the attack remotely. The exploit is now public and may be used. The patch is identified as e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. A patch should be applied to remediate this issue. The project was informed of the problem early through an issue report but has not responded yet.

The following products are affected by CVE-2026-2705 vulnerability.

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-2705.

URL	Resource
https://github.com/VedantMadane/openbabel/commit/e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a
https://github.com/oneafter/0128/blob/main/ob2/repro.mol2
https://github.com/openbabel/openbabel/issues/2848
https://github.com/openbabel/openbabel/pull/2862
https://vuldb.com/?ctiid.346651
https://vuldb.com/?id.346651
https://vuldb.com/?submit.754379