CVE-2026-42480

Stack-based Out-of-Bounds Read in VRML Parser Causing Denial of Service in OCCT

Description

A stack-based out-of-bounds read vulnerability in VrmlData_Scene::ReadLine in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr[++anOffset] without proper bounds checking, which can read past the end of a fixed-size stack buffer.

INFO

Published Date :

2026-05-01T00:00:00.000Z

Last Modified :

2026-05-01T18:29:14.320Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2026-42480 vulnerability.

Vendors	Products
Opencascade	Open Cascade Technology

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-42480.

URL	Resource
https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact