Login Sign Up

CVE-2026-3408

4.3 MEDIUM
Denial of Service

📋 TL;DR

A null pointer dereference vulnerability in Open Babel's CDXML file handler allows remote attackers to cause denial of service by crashing the application when processing malicious CDXML files. This affects Open Babel versions up to 3.1.1. Users who process untrusted CDXML files are at risk.

💻 Affected Systems

Products:
  • Open Babel
Versions: All versions up to and including 3.1.1
Operating Systems: All platforms running Open Babel
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is in CDXML file handler component; only affects systems that process CDXML files.

📦 What is this software?

Open Babel by Openbabel

View all CVEs affecting Open Babel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote denial of service causing application crash and potential data loss if processing occurs during critical operations.

🟠

Likely Case

Application crash when processing malicious CDXML files, disrupting workflows that rely on Open Babel.

🟢

If Mitigated

Minimal impact with proper input validation and sandboxing of file processing.

🌐 Internet-Facing: MEDIUM - Remote exploitation is possible but requires file upload/processing capability.
🏢 Internal Only: LOW - Requires user interaction to process malicious files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof-of-concept exploit file available in GitHub repository; exploitation requires victim to process malicious CDXML file.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a and later

Vendor Advisory: https://github.com/openbabel/openbabel/issues/2848

Restart Required: Yes

Instructions:

1. Update Open Babel to version after 3.1.1 or apply commit e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. 2. Rebuild from source if using compiled version. 3. Restart any services using Open Babel.

🔧 Temporary Workarounds

Disable CDXML file processing

all

Remove or disable CDXML file handler functionality to prevent exploitation

# Recompile Open Babel with CDXML support disabled
# Modify configuration to reject CDXML files

Input validation for CDXML files

all

Implement strict validation of CDXML files before processing

# Add file validation checks in application code
# Use file type verification before passing to Open Babel

🧯 If You Can't Patch

  • Implement network segmentation to isolate Open Babel instances from untrusted networks
  • Use application sandboxing or containerization to limit impact of crashes

🔍 How to Verify

Check if Vulnerable:

Check Open Babel version: openbabel --version. If version is 3.1.1 or earlier, system is vulnerable.

Check Version:

openbabel --version

Verify Fix Applied:

Verify commit e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a is included in your build or version is later than 3.1.1.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults
  • Error messages referencing atom.cpp or CDXML processing

Network Indicators:

  • Unexpected CDXML file uploads to systems running Open Babel

SIEM Query:

source="application.log" AND ("segmentation fault" OR "null pointer" OR "CDXML")

📊 Metadata

CVE ID: CVE-2026-3408
CVSS v3 Score: 4.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE: CWE-404
Published: March 2, 2026
Last Updated: March 4, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-3408, you might also want to check these:

CVE-2025-38385 7.8

This CVE describes a kernel warning triggered during USB device disconnection in the Linux kernel's ...

Same vulnerability type (CWE-404)
CVE-2022-23033 7.8

This Xen hypervisor vulnerability on ARM systems allows guest virtual machines to retain access to m...

Same vulnerability type (CWE-404)
CVE-2021-0984 7.8

This vulnerability in Android 12 allows local privilege escalation without user interaction. An inco...

Same vulnerability type (CWE-404)