CVE-2026-42479 — MEDIUM (5.5)

Q: How severe is CVE-2026-42479?

CVE-2026-42479 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-42479?

Check the references section above for vendor advisories and patch information. Affected products include: Opencascade Open Cascade Technology.

Vulnerability Description

An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices without validation against the size of the coordinate array during geometry processing.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Opencascade	Open Cascade Technology	<= 7.9.3

Related Weaknesses (CWE)

CWE-125

References

https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94aThird Party Advisory

FAQ

What is CVE-2026-42479?

CVE-2026-42479 is a vulnerability with a CVSS score of 5.5 (MEDIUM). An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML ...

How severe is CVE-2026-42479?

CVE-2026-42479 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-42479?

Check the references section above for vendor advisories and patch information. Affected products include: Opencascade Open Cascade Technology.