CVE-2026-26200

CVE-2026-26200 affects HDF5 before version 1.14.4-2. An attacker able to control an HDF5 file being parsed can trigger a write-based heap buffer overflow, causing a denial of service and potentially, depending on the OS and exploitability, remote code execution. Real-world exploitation for RCE is...

CVE-2025-2914

CVE-2025-2914 affects HDF5 up to 1.14.6. The vulnerability is in H5FS__sinfo_Srialize_Sct_cb in src/H5FScache.c, where manipulating the sect argument can cause a heap-based buffer overflow. Local access is required, and an exploit has been disclosed. In some advisories, a patched package version ...

DEBIAN-CVE-2024-29162

HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HGread, resulting in denial of service or potential code execution...

SUSE CVE-2024-29159

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

SUSE CVE-2024-32619

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Tcopyreopen in H5T.c, resulting in the corruption of the instruction pointer...

UBUNTU-CVE-2018-13872

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5Gentdecode in H5Gent.c...