CVE-2026-42476
Published: 01 May 2026
Summary
CVE-2026-42476 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Opencascade Open Cascade Technology. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 2.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-42476 involves two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser of Open CASCADE Technology (OCCT) version V8_0_0_rc5. The issues reside in the RWStl_Reader::ReadAscii function, where buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before being used in strncasecmp operations or direct byte access. These flaws are classified under CWE-125 and were published on 2026-05-01.
Attackers require user interaction to exploit these vulnerabilities, as indicated by the CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H). A user-assisted attacker can craft an STL file with extremely short lines and persuade a victim to open it in an affected application, potentially triggering a denial of service through application crash or enabling information disclosure via out-of-bounds memory reads.
Mitigation details are available in the referenced advisory at https://gist.github.com/sgInnora/dfba083d04906283e9c92aea78e2d94a.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-26599
Vulnerability details
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadLineBuffer::ReadLine() are not properly length-validated before strncasecmp or direct byte access. User-assisted attackers can trigger these…
more
issues by persuading a victim to open a crafted STL file with extremely short lines, resulting in a denial of service or possible information disclosure.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Vulnerability is a client-side file parser flaw (out-of-bounds read in STL ASCII handling) directly exploited by delivering a crafted malicious STL file that the victim opens in an affected application, mapping to T1204.002 Malicious File.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses the core vulnerability by requiring length validation of buffers returned from Standard_ReadLineBuffer::ReadLine() before strncasecmp or byte access in the OCCT STL ASCII parser.
Provides for identification, reporting, and correction of the specific heap-based out-of-bounds read flaws in RWStl_Reader::ReadAscii of OCCT V8_0_0_rc5.
Mitigates exploitation of heap-based out-of-bounds reads by implementing safeguards to protect memory from unauthorized access during file parsing.