CVE-2026-8088 | OSGeo gdal up to 3.13.0dev-4 GDapi.c GDfieldinfo out-of-bounds (Issue 14379)

A vulnerability labeled as problematic has been found in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read.

This vulnerability is registered as CVE-2026-8088. The attack needs to be launched locally. Furthermore, an exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More