{"api_version":"1","generated_at":"2026-05-01T19:10:00+00:00","cve":"CVE-2026-42477","urls":{"html":"https://cve.report/CVE-2026-42477","api":"https://cve.report/api/cve/CVE-2026-42477.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-42477","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-42477"},"summary":{"title":"CVE-2026-42477","description":"A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because Standard_ReadLineBuffer::ReadLine() can return a 1-byte buffer for a minimal OBJ line, and RWObj_Reader::read() calls pushIndices(aLine + 2) without validating the buffer length.","state":"PUBLISHED","assigner":"mitre","published_at":"2026-05-01 15:16:43","updated_at":"2026-05-01 17:48:08"},"problem_types":["CWE-125","n/a"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.1","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"references":[{"url":"https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a","name":"https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a","refsource":"cve@mitre.org","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-42477","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42477","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"beta1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"8.0.0","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"42477","vulnerable":"1","versionEndIncluding":"7.9.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"opencascade","cpe5":"open_cascade_technology","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because Standard_ReadLineBuffer::ReadLine() can return a 1-byte buffer for a minimal OBJ line, and RWObj_Reader::read() calls pushIndices(aLine + 2) without validating the buffer length."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2026-05-01T14:54:13.897Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"url":"https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a"}]}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2026-42477","datePublished":"2026-05-01T00:00:00.000Z","dateReserved":"2026-04-27T00:00:00.000Z","dateUpdated":"2026-05-01T14:54:13.897Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-01 15:16:43","lastModifiedDate":"2026-05-01 17:48:08","problem_types":["CWE-125","n/a"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:*:*:*:*:*:*:*:*","versionEndIncluding":"7.9.3","matchCriteriaId":"13B8FE30-EAE8-4F3E-8F5C-E81BD438FF6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:beta1:*:*:*:*:*:*","matchCriteriaId":"0B51DDC9-FDA5-4701-8CA3-5B589D72FA88"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc1:*:*:*:*:*:*","matchCriteriaId":"57733587-FB01-4201-8509-E81B6AE94AE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc2:*:*:*:*:*:*","matchCriteriaId":"86CF4B98-CCD3-4463-9A24-231128DDF85A"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F3987B9C-2448-4281-9A5C-FB6AF0336C3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc4:*:*:*:*:*:*","matchCriteriaId":"632D1594-AD1F-4F80-86F7-F8850F3574EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:opencascade:open_cascade_technology:8.0.0:rc5:*:*:*:*:*:*","matchCriteriaId":"267468E1-F54F-44AF-B74F-DFD29354243B"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"42477","Ordinal":"1","Title":"CVE-2026-42477","CVE":"CVE-2026-42477","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"42477","Ordinal":"1","NoteData":"A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because Standard_ReadLineBuffer::ReadLine() can return a 1-byte buffer for a minimal OBJ line, and RWObj_Reader::read() calls pushIndices(aLine + 2) without validating the buffer length.","Type":"Description","Title":"CVE-2026-42477"}]}}}