Description
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 3.13.0RC1 is recommended to address this issue. The patch is named 184f77dbcc74118c062c05e464c88161d3c37b9b. You should upgrade the affected component.
Published: 2026-05-07
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in OSGeo GDAL causes a heap-based buffer overflow when the GDnentries function in GDapi.c processes a malformed DataFieldName argument. The overflow breaches heap memory boundaries, and the attack must originate locally. A public exploit is available, indicating that the vulnerability can be leveraged by an adversary who controls data processed by GDAL.

Affected Systems

The issue exists in all OSGeo GDAL releases up to and including 3.13.0dev-4. Users are advised to upgrade to version 3.13.0RC1 or newer, which incorporates the patch identified by commit 184f77dbcc74118c062c05e464c88161d3c37b9b. No other vendors or products are currently reported as affected.

Risk and Exploitability

The CVSS score of 4.8 places the flaw in the moderate severity range, while the EPSS score is not available, suggesting limited publicly observed exploitation data. The vulnerability is not listed in the CISA KEV catalog, yet the existence of a released exploit means that any system running GDAL and processing untrusted data is at risk. Because the attack vector is local, restricting GDAL execution to trusted users and environments reduces exposure, but the presence of a local exploit makes remediation a priority.

Generated by OpenCVE AI on May 7, 2026 at 21:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OSGeo GDAL to version 3.13.0RC1 or newer, which includes the necessary patch.
  • If an upgrade cannot be performed immediately, run GDAL under a non‑privileged account and limit it to trusted input sources; consider disabling the GDnentries functionality if it is not required.
  • Apply memory‑protection mechanisms such as DEP/NX to systems that execute GDAL to reduce the impact of any remaining heap corruption.

Advisories

No advisories yet.

History

Thu, 07 May 2026 19:30:00 +0000

Values Removed: none

Values Added:

Description: A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 3.13.0RC1 is recommended to address this issue. The patch is named 184f77dbcc74118c062c05e464c88161d3c37b9b. You should upgrade the affected component.
Title: OSGeo gdal GDapi.c GDnentries heap-based overflow
First Time appeared: Osgeo; Osgeo gdal
Weaknesses: CWE-119; CWE-122
CPEs: cpe:2.3:a:osgeo:gdal:*:*:*:*:*:*:*:*
Vendors & Products: Osgeo; Osgeo gdal
References:
Metrics:
  cvssV2_0: {'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}
  cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
  cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}
  cvssV4_0: {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-07T19:00:15.040Z

Reserved: 2026-05-07T12:34:23.855Z

Link: CVE-2026-8087

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-05-07T20:16:45.343

Modified: 2026-05-07T20:32:03.640

Link: CVE-2026-8087

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T21:45:36Z

Weaknesses