CVE-2025-10995

5.3 MEDIUM

📋 TL;DR

A memory corruption vulnerability in Open Babel's zlib decompression stream allows local attackers to potentially execute arbitrary code or cause denial of service. This affects users of Open Babel up to version 3.1.1 who process untrusted input files. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • Open Babel
Versions: All versions up to and including 3.1.1
Operating Systems: All platforms running Open Babel
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when processing specially crafted input files through affected zlib stream functions

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation leading to full system compromise through arbitrary code execution

🟠 Likely Case: Application crash or denial of service when processing malicious input files

🟢 If Mitigated: Limited impact due to local-only access requirement and proper file input validation

🌐 Internet-Facing: LOW - requires local access, not directly exploitable over network
🏢 Internal Only: MEDIUM - local users could exploit to elevate privileges or disrupt services

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Proof-of-concept available in GitHub attachments, requires local access and specific file processing

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 3.1.1 (check latest release)

Vendor Advisory: https://github.com/openbabel/openbabel/issues/2832

Restart Required: No

Instructions:

1. Check current Open Babel version.
2. Update to latest version from official repository.
3. Recompile if using source distribution.
4. Test with known safe files.

🔧 Temporary Workarounds

Restrict file processing (all platforms)

Limit Open Babel to trusted input sources and implement file validation

Sandbox execution (Linux)

Run Open Babel in container or restricted environment

docker run --read-only --security-opt=no-new-privileges openbabel

🧯 If You Can't Patch

  • Implement strict file input validation and sanitization
  • Run Open Babel with minimal privileges and in isolated environments

🔍 How to Verify

Check if Vulnerable:

Check Open Babel version: if ≤ 3.1.1, vulnerable

Check Version:

obabel --version

Verify Fix Applied:

Verify version > 3.1.1 and test with known safe files
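
The version check above can be scripted for fleet inventory. The following is an added example, not part of the advisory or the Open Babel project; the function names are hypothetical and it assumes the version banner has the form "Open Babel X.Y.Z -- date -- time".

```shell
#!/bin/sh
# Added example (not from the advisory or the Open Babel project).
# Assumption: the version banner looks like "Open Babel 3.1.1 -- <date> -- <time>".

LAST_AFFECTED="3.1.1"   # upper bound of the affected range stated in the advisory

# Print the first dotted version number found in a banner line (empty if none).
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p' |
        head -n 1
}

# Succeed when version $1 <= version $2, comparing each component numerically
# so that 3.10.0 sorts after 3.1.1; missing components count as 0.
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 0
    }'
}

# Classify a banner: "affected", "not-in-range", or "unknown" (unparsable).
# "not-in-range" only means newer than 3.1.1; the advisory names no fixed release.
classify_obabel() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_le "$ver" "$LAST_AFFECTED"; then
        echo "affected"
    else
        echo "not-in-range"
    fi
}

# Run against the local install when one is present.
if command -v obabel >/dev/null 2>&1; then
    classify_obabel "$(obabel --version 2>&1 | head -n 1)"
fi
```

Treat an "unknown" result as needing manual review rather than as a pass, since a wrapper script or a missing binary produces the same output.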

📡 Detection & Monitoring

Log Indicators:

  • Segmentation faults in Open Babel processes
  • Unexpected process termination

Network Indicators:

  • None - local-only vulnerability

SIEM Query:

Process:obabel AND (EventID:1000 OR Signal:SIGSEGV)
