CVE-2026-49014

HIGH

Gdal < 3.13.0 - Stack-based Buffer Overflow

Title source: rule

Description

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry attribute in a crafted NetCDF file. This achieves arbitrary code execution on the server running GDAL. This is in frmts/netcdf/netcdfsg.cpp.

References (1)

Core 1

Core References

https://github.com/OSGeo/gdal/issues/14594

Scores

CVSS v3 7.4

EPSS 0.0010

EPSS Percentile 1.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-121

Status published

Products (2)

GDAL/GDAL 3.1.0 - 3.13.0

osgeo/gdal 3.1.0 - 3.13.0

Published May 27, 2026

Tracked Since May 27, 2026