PT-2026-39425 · Osgeo · Gdal

Biniam · Published 2026-05-09 · Updated 2026-05-20 · CVE-2026-8213

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

OSGeo gdal versions prior to 3.13.0RC1

Description

A heap-based buffer overflow exists in the Grid File Handler component. This issue occurs within the GDSDfldsrch() function located in the frmts/hdf4/hdf-eos/GDapi.c file. Exploitation requires local access to the system.

Recommendations

Upgrade to version 3.13.0RC1.

Exploit

Fix

Out of bounds Read

Buffer Overflow

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

BIT-GDAL-2026-8213
CVE-2026-8213
ECHO-D3F2-76A4-B677

Affected Products

Gdal