Browse all 7 CVE security advisories affecting OSGeo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OSGeo supports open-source geospatial software development, providing foundational tools for mapping and spatial data analysis. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws in web applications. The organization maintains a moderate security posture with five CVEs recorded, primarily affecting components like MapServer and GeoServer. While no major incidents have been widely documented, the distributed nature of its projects requires consistent patching across multiple dependencies. Security remains a priority as OSGeo's tools are increasingly integrated into critical infrastructure, necessitating robust coding practices and regular security audits to mitigate potential exploitation risks.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-8213 | OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow | gdal | CWE-122 | 5.3 | Medium | 2026-05-09 |
| CVE-2026-8212 | OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow | gdal | CWE-122 | 5.3 | Medium | 2026-05-09 |
| CVE-2026-8088 | OSGeo gdal GDapi.c GDfieldinfo out-of-bounds | gdal | CWE-125 | 3.3 | Low | 2026-05-07 |
| CVE-2026-8087 | OSGeo gdal GDapi.c GDnentries heap-based overflow | gdal | CWE-122 | 5.3 | Medium | 2026-05-07 |
| CVE-2026-8086 | OSGeo gdal SWapi.c SWnentries heap-based overflow | gdal | CWE-122 | 5.3 | Medium | 2026-05-07 |
| CVE-2026-8084 | OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds | gdal | CWE-125 | 3.3 | Low | 2026-05-07 |
| CVE-2026-4738 | GDAL Bundled zlib (inftree9.c) Pointer Offset Optimization Undefined Behavior Allows Heap Corruption or Remote Code Execution | gdal | CWE-119 | 9.8 | - | 2026-03-24 |
This page lists every published CVE security advisory associated with OSGeo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.