A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An out of bounds read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_hedge() e->set_next(). An attacker can provide malicious input to trigger this vulnerability.