CVE-2026-8086
A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 3.12.4RC1 is capable of addressing this issue. The name of the patch is 9491e794f1757f08063ea2f7a274ad2994afa636. It is advisable to upgrade the affected component.
Public Exploit Available
A Proof-of-Concept (PoC) or exploit code for this vulnerability is publicly available. This significantly increases the risk of exploitation.
Exploitation Probability (EPSS)
Low PriorityThe Exploit Prediction Scoring System (EPSS) uses machine learning to estimate the probability that a vulnerability will be exploited in the wild within the next 30 days.
7-Day Exploitation Trend
Vulnerability Timeline
2 eventsThreat Actor Attribution
PREMIUM INTELRemediation & Mitigation
SOLUTIONOfficial patches and mitigation steps are available for this vulnerability.
apt-get update && apt-get upgrade -y specific-package
# Verify installation
dpkg -l | grep package-name
Affected Products
References
PoC ExploitAm I Vulnerable?
Check your domain or package.json for CVE-2026-8086 exposure.
Vulnerability Details
Need Manual Validation?
Automated scanners flag false positives. Get a manual pentest validation for this CVE.