CVE-2025-10999: NULL Pointer Dereference in Open Babel
A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public and could be used.
AI Analysis
Technical Summary
CVE-2025-10999 is a medium-severity vulnerability identified in Open Babel versions 3.1.0 and 3.1.1. Open Babel is an open-source chemical toolbox designed to speak the many languages of chemical data. The vulnerability resides in the function CacaoFormat::SetHilderbrandt within the source file /src/formats/cacaoformat.cpp. Specifically, the issue is a NULL pointer dereference, which occurs when the function attempts to access or manipulate memory through a pointer that has not been properly initialized or has been set to NULL. This results in a program crash or denial of service. The vulnerability requires local access and low privileges (PR:L), meaning an attacker must have some level of access to the system to exploit it. No user interaction or authentication is required beyond local access. The CVSS 4.0 vector indicates low attack complexity and that no privileges beyond local access are needed; the impact is limited to availability (denial of service), with no confidentiality or integrity impact. The exploit has been publicly disclosed, increasing the risk of exploitation, although no known exploits in the wild have been reported yet. The resulting application crashes can disrupt workflows that rely on Open Babel for chemical data processing. No patches or fixes have been linked yet, so users must monitor for updates or apply workarounds.
Potential Impact
For European organizations, the impact of this vulnerability is primarily related to availability. Organizations in pharmaceutical, chemical research, and academic sectors that utilize Open Babel for chemical data conversion and analysis could experience service interruptions or application crashes if this vulnerability is exploited. While the vulnerability does not lead to data breaches or unauthorized data modification, denial of service could disrupt critical research workflows or automated pipelines that depend on Open Babel, potentially causing delays or loss of productivity. Since exploitation requires local access, the threat is more relevant in environments where multiple users have access to the same systems or where attackers can gain initial footholds through other means. The public availability of an exploit increases the risk that attackers with local access could leverage this vulnerability to cause disruptions. However, the limited scope and requirement for local access reduce the likelihood of widespread impact across European organizations unless combined with other attack vectors.
Mitigation Recommendations
1. Restrict local access to systems running Open Babel to trusted users only, implementing strict access controls and user account management.
2. Monitor systems for unusual crashes or application failures related to Open Babel, which could indicate exploitation attempts.
3. Employ application whitelisting and endpoint protection to detect and prevent exploitation attempts.
4. Until an official patch is released, consider isolating Open Babel usage to dedicated environments or containers to limit the blast radius of potential crashes.
5. Regularly check Open Babel project repositories and security advisories for patches or updates addressing this vulnerability and apply them promptly.
6. Educate users with local access about the risks and encourage reporting of any abnormal application behavior.
7. Implement system-level protections such as memory protection mechanisms (e.g., ASLR, DEP) to mitigate the impact of null pointer dereferences.
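One way to apply recommendations 2 and 4 together on a POSIX host, as an added example (not code from this advisory or from the Open Babel project): run each conversion in its own child process so that a crash cannot take down the rest of a pipeline, and flag any job that dies from a crash signal. The function names and the stand-in sample jobs are constructed for illustration; the `obabel` invocation in the comment is an assumed command line.

```python
import signal
import subprocess
import sys

# Signals that mean the converter crashed (a NULL dereference raises SIGSEGV).
CRASH_SIGNALS = {int(signal.SIGSEGV), int(signal.SIGBUS), int(signal.SIGABRT)}


def run_isolated(argv, timeout=30):
    """Run one conversion in its own process; return (status, detail)."""
    try:
        proc = subprocess.run(argv, stdin=subprocess.DEVNULL,
                              capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return "timeout", f"killed after {timeout}s"
    rc = proc.returncode
    if rc == 0:
        return "ok", ""
    if rc < 0:  # POSIX: a negative return code is the terminating signal
        if -rc in CRASH_SIGNALS:
            return "crash", signal.Signals(-rc).name
        return "error", f"signal {-rc}"
    return "error", f"exit code {rc}"


def convert_batch(jobs, timeout=30):
    """jobs maps a label to an argv list. One crashing job does not stop the
    others; the labels that crashed are returned for alerting or quarantine."""
    results = {label: run_isolated(argv, timeout) for label, argv in jobs.items()}
    crashed = sorted(l for l, (status, _) in results.items() if status == "crash")
    return results, crashed


# Constructed stand-in jobs so the example runs without Open Babel installed.
# In real use each argv would be the converter command line, for example
# ["obabel", "in.xyz", "-O", "out.mol"] (assumed invocation).
def _stand_in(code):
    return [sys.executable, "-c", code]


SAMPLE_JOBS = {
    "good_input": _stand_in("pass"),
    "rejected_input": _stand_in("import sys; sys.exit(2)"),
    "bad_input": _stand_in("import os, signal; os.kill(os.getpid(), signal.SIGSEGV)"),
}

if __name__ == "__main__":
    results, crashed = convert_batch(SAMPLE_JOBS)
    for label, (status, detail) in results.items():
        print(f"{label}: {status} {detail}".rstrip())
    print("alert on:", crashed)
```

A job reported as `crash` is the signal to keep the input file aside for triage and to raise an alert, while `error` covers ordinary rejections of malformed input.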
Affected Countries
Germany, France, United Kingdom, Switzerland, Netherlands, Belgium, Italy, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-09-25T18:05:06.531Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68d6062c9e21be37e93acc3e
Added to database: 9/26/2025, 3:19:08 AM
Last enriched: 9/26/2025, 3:34:41 AM
Last updated: 10/1/2025, 12:09:21 AM