CVE-2026-8087 | OSGeo gdal up to 3.13.0dev-4 GDapi.c GDnentries DataFieldName heap-based overflow

A vulnerability identified as critical has been detected in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow.

This vulnerability is cataloged as CVE-2026-8087. The attack must be initiated from a local position. Furthermore, there is an exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More