CVE-2026-49014
7.4 HIGHIn GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow
Published: 2026-05-27 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 7.4 HIGH
- Vector
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-121
Affected products
| Vendor | Product |
|---|---|
| osgeo | gdal |
Description
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry attribute in a crafted NetCDF file. This achieves arbitrary code execution on the server running GDAL. This is in frmts/netcdf/netcdfsg.cpp.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-49014
- [Vendor advisory]https://github.com/OSGeo/gdal/issues/14594
- [Vendor advisory]https://github.com/OSGeo/gdal/issues/14594
Related CVEs
Same vendor
- CVE-2026-45104 — MapServer is a system for developing web-based GIS applications (7.5 HIGH)
- CVE-2026-8213 — A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4 (5.3 MEDIUM)
- CVE-2026-8212 — A flaw has been found in OSGeo gdal up to 3.13.0dev-4 (5.3 MEDIUM)
Same CWE
- CVE-2026-49760 — Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow
- CVE-2026-49759 — Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by...
- CVE-2026-26241 — A buffer overflow vulnerability has been reported to affect File Station 5
- CVE-2026-26240 — A buffer overflow vulnerability has been reported to affect File Station 5
- CVE-2026-26239 — A buffer overflow vulnerability has been reported to affect File Station 5