VYPR
Vendor

Opencascade

Products
2
CVEs
6
Across products
8
Status
Private

Products

2

Recent CVEs

6
  • CVE-2026-42478HigMay 1, 2026
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a…

  • CVE-2026-42477HigMay 1, 2026
    risk 0.46cvss 7.1epss 0.00

    A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file.…

  • CVE-2026-42476HigMay 1, 2026
    risk 0.46cvss 7.1epss 0.00

    Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before strncasecmp or…

  • CVE-2026-42481MedMay 1, 2026
    risk 0.36cvss 5.5epss 0.00

    Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an…

  • CVE-2026-42480MedMay 1, 2026
    risk 0.36cvss 5.5epss 0.00

    A stack-based out-of-bounds read vulnerability in VrmlData_Scene::ReadLine in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses…

  • CVE-2026-42479MedMay 1, 2026
    risk 0.36cvss 5.5epss 0.00

    An out-of-bounds read vulnerability in VrmlData_IndexedLineSet::TShape in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as…