PT-2026-38571 · Osgeo · Gdal
Biniam · Published 2026-05-07 · Updated 2026-05-11
CVE-2026-8088
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
OSGeo gdal versions prior to 3.13.0RC1
Description
A weakness in the GDfieldinfo() function within the frmts/hdf4/hdf-eos/GDapi.c file can lead to an out-of-bounds read, which occurs when a program reads data past the end of the intended buffer. This issue requires the attack to be launched locally.
Recommendations
Upgrade to version 3.13.0RC1.
Exploit
Fix
Buffer Overflow
Out of bounds Read
Related Identifiers
Affected Products
Gdal