Summary A memory-safety vulnerability in Open Babel's MOPAC input parser allowed an out-of-bounds write into the translationVectors[] array when reading Tv (translation-vector) atoms from a crafted input file. Details T…
| CVE ID | CVE-2022-46294 |
| Vendor | pip |
| Affected Product | openbabel |
| Vulnerability Type | Vulnerability |
| CVSS Score | 7.8 (HIGH) |
| Actively Exploited | ❌ No known exploitation |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories) |
#
allowed an out-of-bounds write into the translationVectors[] array when reading Tv (translation-vector) atoms from a crafted input file.
fixed-size translationVectors[] array. A malformed input with more than three Tv atoms (or three plus extras) could push more vectors than the array had slots, causing a write past the end of the array. One of five translationVectors[] OOB writes in the TALOS 2022 batch.
file formats; it is shipped by Linux distributions and embedded in services that may parse untrusted input. Triggering this vulnerability requires the vic
Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.