PatchSiren cyber security CVE debrief
CVE-2026-8213 Vuldb CVE debrief
CVE-2026-8213 is a locally exploitable memory-safety issue in OSGeo GDAL’s Grid File Handler. The provided record says the affected function is GDSDfldsrch in frmts/hdf4/hdf-eos/GDapi.c and that the condition can lead to a heap-based buffer overflow. The source metadata also notes that a public exploit has been disclosed. From a defensive perspective, this is most relevant anywhere GDAL is used to process HDF4/HDF-EOS grid data, especially on systems where untrusted files may be opened by users or services.
- Vendor: Vuldb
- Product: Unknown
- CVSS: LOW 1.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-09
- Original CVE updated: 2026-05-09
- Advisory published: 2026-05-09
- Advisory updated: 2026-05-09
Who should care
Administrators and developers who deploy GDAL, particularly environments that ingest HDF4/HDF-EOS grid files. This includes GIS tooling, data processing pipelines, desktop applications, and any service that lets a local user trigger GDAL parsing of attacker-controlled files.
Technical summary
The CVE record and source metadata describe a heap-based buffer overflow in GDAL’s Grid File Handler, specifically the GDSDfldsrch function in frmts/hdf4/hdf-eos/GDapi.c. The CVSS vector supplied by the source indicates local attack requirements and limited impact, consistent with a low-severity memory corruption issue. The record links the fix to commit 3e04c0385630e4d42517046d9a4967dfccfeb7fd and states that upgrading to GDAL 3.13.0RC1 resolves the issue.
Defensive priority
Moderate for systems that process untrusted local files; otherwise low. The CVSS score is low, but memory corruption plus a referenced public exploit warrant timely patching where GDAL is exposed to user-controlled inputs.
Recommended defensive actions
- Upgrade OSGeo GDAL to version 3.13.0RC1 or later.
- Verify whether your applications, services, or scripts use the HDF4/HDF-EOS Grid File Handler path.
- Restrict which local users or processes can supply files to GDAL-based workflows.
- Treat untrusted HDF4/HDF-EOS files as potentially dangerous until patching is complete.
- Confirm deployment includes the fix associated with commit 3e04c0385630e4d42517046d9a4967dfccfeb7fd.
- Monitor upstream GDAL advisories and release notes for backported fixes or downstream packages.
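The version and driver-path checks above, as an added shell script that is not part of this advisory or of the GDAL project: it assumes the gdalinfo tool is on PATH, and the version and format strings in its comments and helpers are constructed samples of that tool's output.

```shell
# Added example (not advisory or GDAL code): flags a GDAL older than the
# CVE-2026-8213 fix release (3.13.0RC1) and reports whether the HDF4 driver,
# which carries the frmts/hdf4/hdf-eos code, is built in. Assumes gdalinfo on PATH.
FIXED_MAJOR=3
FIXED_MINOR=13

# Pull the version token out of `gdalinfo --version`, whose output looks like
# "GDAL 3.13.0RC1, released 2026/05/09" (constructed sample).
parse_gdal_version() {
    printf '%s\n' "$1" | sed -n 's/^GDAL \([0-9][0-9A-Za-z.-]*\),.*/\1/p'
}

# Returns 0 if the version is 3.13.0 (incl. 3.13.0RC1) or later, 1 if older, 2 if it
# cannot be judged: unparsable, or a "dev" snapshot that may predate the fix and must
# be checked for commit 3e04c0385630e4d42517046d9a4967dfccfeb7fd by hand.
gdal_version_fixed() {
    ver="$1"
    case "$ver" in *dev*) return 2 ;; *.*) ;; *) return 2 ;; esac
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; minor=${minor%%[!0-9]*}   # "13" from "13.0RC1"
    case "$major:$minor" in *[!0-9:]*|:*|*:) return 2 ;; esac
    [ "$major" -gt "$FIXED_MAJOR" ] && return 0
    [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -ge "$FIXED_MINOR" ] && return 0
    return 1
}

# Returns 0 if the `gdalinfo --formats` listing passed as $1 names the HDF4 driver
# (a line such as "  HDF4 -raster- (ros): Hierarchical Data Format Release 4").
has_hdf4_driver() {
    printf '%s\n' "$1" | grep -q '^ *HDF4 '
}

# Live check against the installed GDAL; exit status mirrors gdal_version_fixed.
check_installed_gdal() {
    ver=$(parse_gdal_version "$(gdalinfo --version)")
    rc=0; gdal_version_fixed "$ver" || rc=$?
    case $rc in
        0) echo "GDAL $ver: at or past 3.13.0, the CVE-2026-8213 fix release" ;;
        1) echo "GDAL $ver: predates 3.13.0RC1; upgrade or confirm a backport of the fix commit" ;;
        *) echo "GDAL '$ver': cannot judge from the version string; verify the fix commit is present" ;;
    esac
    if has_hdf4_driver "$(gdalinfo --formats)"; then
        echo "HDF4 driver present: the HDF-EOS grid code path is reachable in this build"
    else
        echo "HDF4 driver absent: frmts/hdf4 (incl. hdf-eos) is not compiled into this build"
    fi
    return $rc
}
if command -v gdalinfo >/dev/null 2>&1; then
    check_installed_gdal
else
    echo "gdalinfo not found on PATH; install the GDAL tools or source this file for the helpers" >&2
fi
```

Run it on each host that ingests HDF4/HDF-EOS data; a status of 1 together with "HDF4 driver present" marks the deployments to patch first.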
Evidence notes
This debrief is based only on the supplied CVE/NVD metadata and the listed source references. The source record identifies OSGeo GDAL, function GDSDfldsrch, file frmts/hdf4/hdf-eos/GDapi.c, a heap-based buffer overflow, local attack requirements, a public exploit reference, and a fix in GDAL 3.13.0RC1 tied to commit 3e04c0385630e4d42517046d9a4967dfccfeb7fd. Timeline context uses the supplied CVE published/modified timestamps of 2026-05-09T23:16:33.290Z.
Official resources
The supplied source metadata indicates the issue was publicly disclosed by the time it was published in the NVD feed on 2026-05-09T23:16:33.290Z. This debrief does not infer any earlier disclosure date beyond the provided record.