osgeo

Top products

The 15 most recently published vulnerabilities affecting osgeo.

• CVE-2025-58175GeoServer has a Server-Side Request Forgery (SSRF) Vulnerability in its XML Entity Resolution6.5Jun 18, 2026
• CVE-2025-52465GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page7.2Jun 18, 2026
• CVE-2025-27511GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection7.2Jun 18, 2026
• CVE-2026-45104MapServer: NULL pointer dereference in SLD `<ElseFilter>` rule parsing reachable via WMS `SLD_BODY`7.5May 27, 2026
• CVE-2026-49014In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer wi...7.4May 27, 2026
• CVE-2026-8213OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow5.3May 9, 2026
• CVE-2026-8212OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow5.3May 9, 2026
• CVE-2026-42030MapServer: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in OpenLayers viewer6.1May 8, 2026
• CVE-2026-8088OSGeo gdal GDapi.c GDfieldinfo out-of-bounds3.3May 7, 2026
• CVE-2026-8087OSGeo gdal GDapi.c GDnentries heap-based overflow5.3May 7, 2026
• CVE-2026-8086OSGeo gdal SWapi.c SWnentries heap-based overflow5.3May 7, 2026
• CVE-2026-8084OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds3.3May 7, 2026
• CVE-2026-33721MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing5.3Mar 27, 2026
• CVE-2022-50899Geonetwork 4.2.0 - XML External Entity (XXE)6.5Jan 13, 2026
• CVE-2025-59431MapServer - WFS XML Filter Query SQL injection9.8Sep 19, 2025