CVE-2026-42481 - Vulnerability Details

- Out-of-Bounds Read and Infinite Recursion in OCCT IGES/STEP Parsers

Description

Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in MakeBSplineCurveCommon during STEP B-spline curve construction, and infinite recursion in StepShape_OrientedEdge::EdgeStart when processing a self-referential OrientedEdge entity. Successful exploitation may result in denial of service or unintended memory disclosure.

Published: 2026-05-01

Score: 5.5 Medium

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

Open CASCADE Technology (OCCT) version 8.0.0_rc5 contains multiple weaknesses in its IGES and STEP file parsers that are triggered by crafted files. One flaw is an out-of-bounds read in the evaluation of IGES B-spline curves, another occurs when building STEP B-spline curves, and a third flaw causes infinite recursion when processing a self-referential OrientedEdge entity. Each of these issues can lead either to a program crash or to the unintended disclosure of memory contents, affecting the confidentiality, integrity and availability of the application.

Affected Systems

The vulnerabilities affect only installations that use the 8.0.0_rc5 release of OCCT. No other vendors or product versions are listed, so the impact is limited to that specific release.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Attackers can exploit the flaw by providing malicious IGES or STEP files; the attack vector is inferred to rely on file input, which may be local or supplied remotely depending on the target application. Successful exploitation would cause either a denial-of-service or disclosure of internal memory data.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade OCCT to a newer release that contains a fix for the IGES/STEP parsing defects.
Until a patch is available, restrict the processing of IGES and STEP files to trusted sources only, and perform strict validation against the expected schema or byte-length limits.
Configure resource limits or enable sandboxing for the application to detect and mitigate excessive recursion or memory access attempts, thereby reducing the risk of a denial-of-service attack.

Generated by OpenCVE AI on May 2, 2026 at 07:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a

History

Sat, 02 May 2026 08:15:00 +0000

Type	Values Removed	Values Added
Title		Out-of-Bounds Read and Infinite Recursion in OCCT IGES/STEP Parsers

Fri, 01 May 2026 19:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 01 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Description		Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in MakeBSplineCurveCommon during STEP B-spline curve construction, and infinite recursion in StepShape_OrientedEdge::EdgeStart when processing a self-referential OrientedEdge entity. Successful exploitation may result in denial of service or unintended memory disclosure.
References		https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-01T00:00:00.000Z

Updated: 2026-05-01T18:30:42.756Z

Reserved: 2026-04-27T00:00:00.000Z

Link: CVE-2026-42481

Vulnrichment

Updated: 2026-05-01T18:30:24.876Z

NVD

Status : Received

Published: 2026-05-01T16:16:32.163

Modified: 2026-05-01T19:16:32.663

Link: CVE-2026-42481

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T08:00:14Z

Weaknesses

CWE-125

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object