CVE-2025-10996

5.3 MEDIUM

📋 TL;DR

A heap-based buffer overflow in Open Babel's SMILES parser lets an attacker who can get a crafted SMILES string or file parsed by Open Babel crash the parsing process or execute arbitrary code with that process's privileges. Open Babel up to and including version 3.1.1 is affected. The attack vector is local: the attacker needs no network access to the parser, but does need the target to process attacker-supplied SMILES input, for example a file delivered by download or e-mail, a file dropped into a batch-processing directory, or a string submitted to an application that calls Open Babel.

💻 Affected Systems

Products:
  • Open Babel
Versions: All versions up to and including 3.1.1
Operating Systems: All platforms where Open Babel is installed (Linux, Windows, macOS, etc.)
Default Config Vulnerable: ⚠️ Yes
Notes: Triggered when parsing specially crafted SMILES input, whether read from a file or passed as a string. Any application that links libopenbabel or uses the Python bindings to parse SMILES (format `smi`) is affected, not only the obabel command-line tool.

📦 What is this software?

Open Babel is an open-source chemistry toolbox: a C++ library with the obabel command-line tool and Python bindings, used to read, write and convert molecular file formats (SMILES, SDF, MOL2 and many others). It is embedded in cheminformatics pipelines, desktop tools and web services that accept molecular structures from users.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Arbitrary code execution with the privileges of the process that parses the crafted SMILES. If that process runs as root or as a service account with access to a database, file share or credentials (for example a structure-conversion backend behind a web application), this becomes full compromise of that host, data theft, or installation of a persistent backdoor.

🟠 Likely Case

Crash of obabel or of the application that embeds libopenbabel (denial of service). Heap overflows in parsers are usually far easier to turn into a crash than into reliable code execution, and code execution, when achieved, is confined to the Open Babel process context.

🟢 If Mitigated

Minimal impact: with the parser sandboxed, running as a dedicated unprivileged user, and untrusted SMILES rejected or pre-filtered before parsing, a successful trigger is limited to the crash of a disposable worker process.

🌐 Internet-Facing: LOW - The attack vector is local; obabel is not a network service. Caveat: a web application or API that accepts user-supplied SMILES and hands it to Open Babel server-side turns this into a remotely reachable parser bug, so inventory such services and treat them as exposed.
🏢 Internal Only: MEDIUM - Any local user, or anyone who can place a SMILES file where a vulnerable pipeline will pick it up (shared drives, batch-conversion queues), can trigger it.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Proof-of-concept input is publicly available via the GitHub issue linked under Fix & Mitigation. Exploitation requires the ability to feed a crafted SMILES string to a vulnerable parser; no authentication to Open Babel itself is involved, since it is a library and command-line tool rather than a network service. Turning the crash into code execution requires a heap-layout-specific exploit, hence MEDIUM complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not identified on this page. Check the linked issue for the fixing commit and the project's releases page for a release that includes it; if no such release exists, build from a commit that includes the fix. Distribution packages may backport the fix while still reporting version 3.1.1, so consult the package changelog before relying on the version number alone.

Vendor Advisory: https://github.com/openbabel/openbabel/issues/2831

Restart Required: No for the obabel command-line tool, which loads the library fresh on each invocation. Yes for any long-running process that has libopenbabel loaded (web workers, daemons, notebook kernels); these must be restarted to pick up the patched library.

Instructions:

1. Check the installed Open Babel version (obabel -V) and, for distribution packages, the package changelog for a backported fix.
2. Update to a patched build from the official repository or from your distribution.
3. Rebuild applications that link libopenbabel statically or that vendor the Open Babel sources; dynamically linked applications only need a restart.
4. Test with known safe SMILES files and, where available, with the proof-of-concept input from the linked issue inside a sandbox, to confirm the crash no longer occurs.

🔧 Temporary Workarounds

Input Validation/Sanitization (all platforms)

Reject SMILES input before it reaches the Open Babel parser unless it passes strict checks: cap the length, allow only the SMILES character set, and require balanced parentheses, bracket atoms and ring-closure labels. This does not fix the overflow; it narrows what an attacker can feed to the parser and should be combined with the sandboxing below.

Sandbox Execution (Linux/Unix)

Run the parser as a one-shot process in a restricted, disposable environment so that a crash or code execution is contained. The commands below feed the input on stdin, which avoids having to expose any host directory to the sandbox; the container image name is a placeholder for whatever image provides obabel in your environment:

docker run --rm -i --read-only --network none --cap-drop=ALL --tmpfs /tmp <openbabel-image> obabel -ismi -osmi < in/input.smi
firejail --private --net=none obabel -ismi -osmi < in/input.smi

Both give the conversion no network, no capabilities and no persistent writable filesystem; run the container or firejail session as a dedicated unprivileged user as well.
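The two workarounds above (pre-validating SMILES and isolating the parser) can be combined in the application that calls Open Babel. The following is an added example, not code from the Open Babel project: a cheap structural gatekeeper for SMILES strings, followed by a wrapper that runs the real obabel binary (flags -ismi/-ocan are obabel's own) in a child process with resource limits, so that a crash in the parser becomes a reported failure instead of taking down the caller. The function names, the 4096-character cap and the 1 GiB address-space limit are assumptions chosen for illustration; the wrapper needs a POSIX system and an obabel binary on the PATH for real use.

```python
import re
import resource
import signal
import subprocess

# Assumed limits for this example; tune them to your workload.
MAX_SMILES_LEN = 4096
CHILD_ADDRESS_SPACE = 1024 * 2**20  # 1 GiB, keeps a runaway parser from exhausting memory

# Characters that can legitimately appear in SMILES: element symbols, digits,
# charges, bracket atoms, branches, bonds, ring-closure labels and '.' for
# disconnected fragments. Anything else is rejected before parsing.
SMILES_ALPHABET = re.compile(r"^[A-Za-z0-9@+\-\[\]()=#$:/\\%.*]+$")


def validate_smiles(smiles):
    """Cheap structural pre-checks on a SMILES string.

    Returns None when the string may be handed to the parser, otherwise a short
    rejection reason. This is a gatekeeper, not a SMILES grammar: it bounds size
    and alphabet and catches unbalanced parentheses, bracket atoms and
    ring-closure labels, which is where malformed input tends to start.
    """
    if not smiles:
        return "empty"
    if len(smiles) > MAX_SMILES_LEN:
        return "too long"
    if not SMILES_ALPHABET.fullmatch(smiles):
        return "disallowed character"
    depth = 0            # currently open '(' branches
    in_bracket = False   # inside a [...] bracket atom, where digits are isotopes/H counts
    ring_open = {}       # ring-closure label -> parity (1 = opened, not yet closed)
    i = 0
    while i < len(smiles):
        c = smiles[i]
        if in_bracket:
            if c == "[":
                return "nested bracket atom"
            if c == "]":
                in_bracket = False
        elif c == "[":
            in_bracket = True
        elif c == "]":
            return "unmatched ']'"
        elif c == "(":
            depth += 1
        elif c == ")":
            depth -= 1
            if depth < 0:
                return "unbalanced parenthesis"
        elif c == "%":
            # two-digit ring-closure label, e.g. %12
            label = smiles[i + 1:i + 3]
            if len(label) != 2 or not label.isdigit():
                return "malformed ring-closure label"
            ring_open[label] = ring_open.get(label, 0) ^ 1
            i += 2
        elif c.isdigit():
            ring_open[c] = ring_open.get(c, 0) ^ 1
        i += 1
    if in_bracket:
        return "unclosed bracket atom"
    if depth:
        return "unbalanced parenthesis"
    if any(ring_open.values()):
        return "unclosed ring bond"
    return None


def _child_limits():
    """Lower resource limits in the child before exec (POSIX only): cap address
    space and disable core dumps so a crash leaves no memory image on disk."""
    for res, cap in ((resource.RLIMIT_AS, CHILD_ADDRESS_SPACE), (resource.RLIMIT_CORE, 0)):
        _soft, hard = resource.getrlimit(res)
        new = cap if hard == resource.RLIM_INFINITY else min(cap, hard)
        resource.setrlimit(res, (new, new))


def parse_smiles_isolated(smiles, obabel=("obabel",), timeout=5.0):
    """Validate, then convert SMILES to canonical SMILES in a child process.

    `obabel` is the command prefix (default: the obabel binary on PATH); obabel's
    real '-ismi' and '-ocan' flags are appended and the SMILES is passed on
    stdin. Returns (ok, detail): detail is the canonical SMILES on success,
    otherwise a reason. A crash in the parser shows up as a signal name here
    instead of crashing the calling process.
    """
    reason = validate_smiles(smiles)
    if reason:
        return False, "rejected before parsing: " + reason
    try:
        proc = subprocess.run(
            list(obabel) + ["-ismi", "-ocan"],
            input=smiles + "\n", capture_output=True, text=True,
            timeout=timeout, preexec_fn=_child_limits)
    except subprocess.TimeoutExpired:
        return False, "parser timed out after %ss" % timeout
    except FileNotFoundError:
        return False, "obabel binary not found"
    if proc.returncode < 0:  # killed by a signal, e.g. SIGSEGV from a heap overflow
        return False, "parser killed by %s" % signal.Signals(-proc.returncode).name
    if proc.returncode != 0:
        return False, "obabel exited %d: %s" % (proc.returncode, proc.stderr.strip())
    return True, proc.stdout.strip()
```

The validator deliberately rejects rather than repairs: a string that fails a structural check is discarded with a reason, never "fixed up" and forwarded. The wrapper's subprocess boundary is what turns a heap overflow into a contained failure; combine it with the container or firejail commands above by passing that command line as the `obabel` prefix.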

🧯 If You Can't Patch

  • Restrict local access to systems running Open Babel to trusted users, and do not let untrusted SMILES (uploads, shared-drive drops, mailed files) reach a parser that runs with more privilege than a dedicated unprivileged account.
  • Run every Open Babel invocation that touches untrusted input as a separate, short-lived process under that unprivileged account, so a crash or code execution does not land in a long-lived or privileged process.
  • Apply application allowlisting on hosts running Open Babel. This does not stop code executing inside the overflowed process, but it blocks the usual follow-on step of dropping and running a second-stage binary.

🔍 How to Verify

Check if Vulnerable:

Print the installed version with obabel -V, or inspect your package manager's output. If the version is 3.1.1 or earlier and the package changelog shows no backported fix, the installation is vulnerable. If you use the Python bindings, openbabel.OBReleaseVersion() returns the same version string, which is useful for checking a vendored or virtualenv copy that differs from the system package.

Check Version:

obabel -V

Verify Fix Applied:

After updating, confirm the version is greater than 3.1.1 (or that the package changelog lists the fix for this CVE), restart any long-running processes that had libopenbabel loaded, and confirm known safe SMILES files parse without crashes. Where the proof-of-concept input from the linked issue is available, parsing it inside a sandbox should now fail cleanly rather than crash.

📡 Detection & Monitoring

Log Indicators:

  • obabel, or any process that has libopenbabel loaded, terminating with a segmentation fault: on Linux, kernel messages of the form `<process>[<pid>]: segfault at ... in libopenbabel.so...` and systemd-coredump entries naming obabel
  • glibc heap-corruption aborts (`malloc(): ...`, `free(): invalid pointer`) on the stderr or journal of a process that parses SMILES
  • Repeated crashes across many pids in a short window, which suggests an attacker iterating on the input rather than a one-off malformed file

Network Indicators:

  • Not applicable to the trigger itself, which is local. Do watch for unexpected outbound connections from hosts or containers whose only job is structure conversion, since those are the post-exploitation signal.

SIEM Query:

EventID=1000 AND (Process:Name='obabel' OR Process:Name contains 'openbabel')

Event ID 1000 is the Windows Application Error event; the parentheses matter, otherwise the AND/OR precedence silently matches every 'openbabel' process event. On Linux hosts, search kernel segfault lines and systemd-coredump entries that mention obabel or libopenbabel instead.
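The Linux side of the detection above, as an added example that is not part of the original page: a small scanner over syslog/journal lines that flags kernel segfault messages, systemd-coredump entries and glibc heap-corruption aborts attributable to Open Babel, including crashes of other processes (such as a Python worker) that faulted inside libopenbabel. The sample log lines are constructed for this example, modelled on the real kernel and systemd-coredump message formats; hostnames, pids and addresses are made up.

```python
import re

# Constructed sample log (not a real capture). Lines 1-3 and 5 should be flagged;
# line 4 is an unrelated browser crash and should not be.
SAMPLE_LOG = """\
Jun 12 10:01:02 chem01 kernel: obabel[4121]: segfault at 0 ip 00007f1b2c3d4e5f sp 00007ffc1a2b3c4d error 4 in libopenbabel.so.7.0.0[7f1b2c200000+5a0000]
Jun 12 10:01:02 chem01 systemd-coredump[4130]: Process 4121 (obabel) of user 1000 dumped core.
Jun 12 10:02:10 chem01 kernel: python3[4207]: segfault at 10 ip 00007f9a8b7c6d5e sp 00007ffd0e1f2a3b error 6 in libopenbabel.so.7.0.0[7f9a8b500000+5a0000]
Jun 12 10:03:00 chem01 kernel: chromium[5001]: segfault at 0 ip 000055d1e2f3a4b5 sp 00007ffc9e8d7c6b error 4 in chromium[55d1e2a00000+9000000]
Jun 12 10:04:15 chem01 obabel-worker[4300]: malloc(): corrupted top size
"""

# Kernel segfault report: "<proc>[<pid>]: segfault at <addr> ... in <module>[<base>+<size>]"
SEGFAULT_RE = re.compile(
    r"kernel: (?P<proc>[^\[\s]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>\S+) .* in (?P<module>[^\[\s]+)\[")
# systemd-coredump: "Process <pid> (<proc>) of user <uid> dumped core."
COREDUMP_RE = re.compile(
    r"systemd-coredump\[\d+\]: Process (?P<pid>\d+) \((?P<proc>[^)]+)\) of user \d+ dumped core")
# glibc heap checks abort with messages such as "malloc(): corrupted top size"
HEAP_ERR_RE = re.compile(
    r"(?P<proc>[^\[\s]+)\[(?P<pid>\d+)\]: (?P<msg>(?:malloc|free|realloc)\(\): .+)$")


def _openbabel_related(*names):
    """True if any process or module name points at Open Babel."""
    return any("obabel" in n or "openbabel" in n for n in names)


def scan_for_openbabel_crashes(lines):
    """Return one finding per log line that records an Open Babel crash.

    A line is attributed to Open Babel when the crashing process is obabel, or
    when the faulting module is libopenbabel (a host application crashing inside
    the library), or when an obabel process aborts with a glibc heap error.
    """
    hits = []
    for line in lines:
        m = SEGFAULT_RE.search(line)
        if m and _openbabel_related(m["proc"], m["module"]):
            hits.append({"kind": "segfault", "proc": m["proc"], "pid": m["pid"],
                         "detail": "fault at %s in %s" % (m["addr"], m["module"])})
            continue
        m = COREDUMP_RE.search(line)
        if m and _openbabel_related(m["proc"]):
            hits.append({"kind": "coredump", "proc": m["proc"], "pid": m["pid"],
                         "detail": "core dumped"})
            continue
        m = HEAP_ERR_RE.search(line)
        if m and _openbabel_related(m["proc"]):
            hits.append({"kind": "heap-corruption", "proc": m["proc"], "pid": m["pid"],
                         "detail": m["msg"]})
    return hits


def distinct_crashed_pids(hits):
    """Distinct pids among the findings; many different pids crashing in a short
    window is the pattern that distinguishes an attacker iterating on input from
    a single malformed file."""
    return sorted({h["pid"] for h in hits}, key=int)


if __name__ == "__main__":
    findings = scan_for_openbabel_crashes(SAMPLE_LOG.splitlines())
    for h in findings:
        print("%-16s pid=%-6s %-14s %s" % (h["kind"], h["pid"], h["proc"], h["detail"]))
    print("distinct crashed pids:", distinct_crashed_pids(findings))
```

Feed it `journalctl -k` output together with the application's own journal to catch both the kernel fault record and the glibc abort; correlating the two on pid, as the first two sample lines do, is what separates a parser crash from an unrelated out-of-memory kill.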

🔗 References

  • Open Babel issue tracker: https://github.com/openbabel/openbabel/issues/2831