HIGH
Opencascade
CVE published 2026-05-01
CVE-2026-42477
CVE-2026-42477 affects Open CASCADE Technology (OCCT) OBJ file parsing and is triggered when a victim opens a crafted OBJ file. The issue is a heap-based out-of-bounds read in RWObj_Reader::read, which can lead to denial of service and may expose sensitive information. NVD maps the issue to OCCT versions up through 7.9.3 and the 8.0.0 beta/RC line through rc5, with a published date of 2026-05-01 and a lat [truncated]