CVE-2026-26200

Опубликовано: 19 фев. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.8

Описание

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue.

Релиз	Статус	Примечание
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	needs-triage
jammy	needs-triage
noble	needs-triage
questing	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 11%

0.00036

Низкий

7.8 High

CVSS3

Связанные уязвимости

CVE-2026-26200

CVSS3: 7.8

redhat

около 1 месяца назад

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue.

CVE-2026-26200

CVSS3: 7.8

nvd

около 1 месяца назад

CVE-2026-26200

CVSS3: 7.8

debian

около 1 месяца назад

HDF5 is software for managing data. Prior to version 1.14.4-2, an atta ...

EPSS

Процентиль: 11%

0.00036

Низкий

7.8 High

CVSS3

CVE-2026-26200

Описание

Пакет hdf5

Ссылки на источники

Связанные уязвимости