CVE-2025-10995: Memory Corruption in Open Babel
A security vulnerability has been detected in Open Babel up to 3.1.1. It affects the function zlib_stream::basic_unzip_streambuf::underflow in the file /src/zipstreamimpl.h. Manipulation of this function leads to memory corruption. The attack requires local access. The exploit has been disclosed publicly and may be used.
AI Analysis
Technical Summary
CVE-2025-10995 is a security vulnerability identified in Open Babel versions up to 3.1.1, specifically affecting the function zlib_stream::basic_unzip_streambuf::underflow within the source file /src/zipstreamimpl.h. The vulnerability results from improper handling of data during decompression operations, leading to memory corruption. This type of flaw can cause unpredictable behavior including application crashes, data corruption, or potentially arbitrary code execution if exploited. The vulnerability requires local access with at least low privileges (PR:L) and does not require user interaction (UI:N). The attack complexity is low (AC:L), indicating that an attacker with local access can reliably trigger the flaw without needing specialized conditions. The CVSS 4.0 base score is 4.8, categorized as medium severity, reflecting limited impact due to the local access requirement and the lack of known exploits in the wild at the time of publication. The vulnerability affects the decompression stream buffer mechanism in Open Babel, a widely used open-source chemical toolbox designed to speak the many languages of chemical data. Exploitation could allow an attacker with local access to cause memory corruption, potentially leading to denial of service or escalation of privileges if combined with other vulnerabilities. No patches or fixes are linked in the provided data, indicating that users should monitor for updates from the Open Babel project. The vulnerability was publicly disclosed shortly after being reserved, suggesting a rapid publication cycle but no immediate exploitation evidence.
Potential Impact
For European organizations, the impact of CVE-2025-10995 depends largely on their use of Open Babel in local environments. Open Babel is commonly used in academic, pharmaceutical, chemical research, and bioinformatics sectors for molecular modeling and chemical data processing. Organizations in these sectors may run Open Babel on workstations or servers where local users or processes could exploit this vulnerability. The local access requirement limits remote exploitation, reducing risk for perimeter-facing systems. However, insider threats or compromised user accounts could leverage this flaw to destabilize systems or escalate privileges. Memory corruption vulnerabilities can lead to denial of service, impacting availability of critical research tools, or potentially enable code execution if chained with other vulnerabilities, threatening confidentiality and integrity of sensitive chemical data. Given the specialized nature of Open Babel, the threat is more pronounced in research institutions and companies involved in chemical and pharmaceutical development across Europe. Disruption or compromise in these environments could delay research, cause data loss, or expose proprietary chemical information. The absence of known exploits reduces immediate risk but does not eliminate the need for vigilance.
Mitigation Recommendations
European organizations using Open Babel should implement the following specific mitigations:
1) Restrict local access to systems running Open Babel to trusted users only, enforcing strict access controls and user account management.
2) Monitor and audit local user activities on systems with Open Babel installations to detect unusual behavior that could indicate exploitation attempts.
3) Apply the principle of least privilege to user accounts to minimize the impact of potential exploitation.
4) Segregate systems running Open Babel from critical infrastructure to contain potential compromise.
5) Stay informed about updates from the Open Babel project and apply patches promptly once available.
6) Consider deploying runtime memory protection techniques such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) on affected systems to mitigate exploitation impact.
7) Conduct internal vulnerability assessments and penetration testing focusing on local privilege escalation and memory corruption vectors in environments where Open Babel is used.
8) Educate users about the risks of running untrusted code or opening unverified chemical data files locally to reduce inadvertent triggering of the vulnerability.
Affected Countries
Germany, France, United Kingdom, Switzerland, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-09-25T18:04:54.689Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68d5f81a9e21be37e939ec73
Added to database: 9/26/2025, 2:19:06 AM
Last enriched: 9/26/2025, 2:34:33 AM
Last updated: 9/26/2025, 3:21:13 AM