CVE-2026-42480

Name of the Vulnerable Software and Affected Versions Open CASCADE Technology (OCCT) version V8 0 0 rc5

Description A stack-based out-of-bounds read in the VRML parser occurs within the VrmlData Scene::ReadLine() function. The quoted-string escape handler utilizes ptr[++anOffset] without adequate bounds checking, which may lead to reading data beyond the end of a fixed-size stack buffer. This can be exploited by an attacker using a specially crafted VRML file to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.