CVE-2026-8212 - Vulnerability Details

- OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow

Description

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be used. Upgrading to version 3.13.0RC1 addresses this issue. This patch is called 3e04c0385630e4d42517046d9a4967dfccfeb7fd. The affected component should be upgraded.

Published: 2026-05-09

Score: 4.8 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The flaw resides in the SWSDfldsrch function of OSGeo GDAL, where improper bounds checking causes a heap-based buffer overflow. This overflow can corrupt adjacent memory, potentially leading to arbitrary code execution or application crashes. The weakness maps to CWE-119, CWE-122, and CWE-125.

Affected Systems

OSGeo GDAL versions up to and including 3.13.0dev-4 are vulnerable; upgrading to 3.13.0RC1 or later resolves the issue by applying the commit that fixes the overflow.

Risk and Exploitability

The CVSS score of 4.8 indicates medium severity. An EPSS score of < 1% indicates a low exploitation probability, and the vulnerability is not listed in CISA KEV. Because local access is required and an exploit has already been published, operators with local privileges must act promptly to mitigate the risk of local code execution or denial of service.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

OSGeo

gdal

affected

Version	Status	Constraints
`3.13.0dev-4`	affected	—
`3.13.0RC1`	unaffected	—

Configuration 1 [-]

OR	cpe:2.3:a:osgeo:gdal::::::::
	cpe:2.3:a:osgeo:gdal:3.13.0:beta1::::::
	cpe:2.3:a:osgeo:gdal:3.13.0:beta2::::::

No data.

Vendor Product Confidence Versions

Osgeo

Gdal

95%

Version	Status	Scheme	Platform
`3.13.0dev-4`	affected	generic	—
`3.13.0RC1`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade GDAL to 3.13.0RC1 or any later release that includes the security fix.
Configure the operating system to run GDAL processes with the least privileges necessary and deny write access to directories containing untrusted data to reduce the chance that an attacker can execute the vulnerable function.
If the SWSDfldsrch functionality is not required, disable or remove its usage in application workflows to eliminate the attack surface.

Generated by OpenCVE AI on May 19, 2026 at 21:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-r5m4-5vww-w9f5	OSGeo gdal has a heap-based buffer overflow

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00022.

Exploitation poc

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/OSGeo/gdal/
https://github.com/OSGeo/gdal/commit/3e04c0385630e4d42517046d9a4967dfccfeb7fd
https://github.com/OSGeo/gdal/issues/14398
https://github.com/OSGeo/gdal/releases/tag/v3.13.0RC1
https://github.com/biniamf/pocs/tree/main/gdal-swsdfldsrch_oob-read
https://vuldb.com/submit/808127
https://vuldb.com/vuln/362429
https://vuldb.com/vuln/362429/cti

History

Tue, 19 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
CPEs		cpe:2.3:a:osgeo:gdal:3.13.0:beta1:::::: cpe:2.3:a:osgeo:gdal:3.13.0:beta2::::::

Mon, 11 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sat, 09 May 2026 22:45:00 +0000

Type	Values Removed	Values Added
Description		A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be used. Upgrading to version 3.13.0RC1 addresses this issue. This patch is called 3e04c0385630e4d42517046d9a4967dfccfeb7fd. The affected component should be upgraded.
Title		OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow
First Time appeared		Osgeo Osgeo gdal
Weaknesses		CWE-119 CWE-122
CPEs		cpe:2.3:a:osgeo:gdal::::::::
Vendors & Products		Osgeo Osgeo gdal
References		https://github.com/OSGeo/gdal/ https://github.com/OSGeo/gdal/commit/3e04c0385630e4d42517046d9a4967dfccfeb7fd https://github.com/OSGeo/gdal/issues/14398 https://github.com/OSGeo/gdal/releases/tag/v3.13.0RC1 https://github.com/biniamf/pocs/tree/main/gdal-swsdfldsrch_oob-read https://vuldb.com/submit/808127 https://vuldb.com/vuln/362429 https://vuldb.com/vuln/362429/cti
Metrics		cvssV2_0 `{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}` cvssV3_0 `{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}` cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}` cvssV4_0 `{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Osgeo Gdal

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-05-09T22:30:12.527Z

Updated: 2026-05-11T14:56:32.914Z

Reserved: 2026-05-09T07:09:13.290Z

Link: CVE-2026-8212

Vulnrichment

Updated: 2026-05-11T14:56:29.371Z

NVD

Status : Analyzed

Published: 2026-05-09T23:16:33.113

Modified: 2026-05-19T20:01:14.583

Link: CVE-2026-8212

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-19T22:00:12Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object