Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

63 matches found

OPENSUSE Linux
OPENSUSE Linuxadded 2 days ago5 views

Security update for mapserver (important)

openSUSE security update: security update for mapserver ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20857-1 Rating: important References: bsc1260869 bsc1266663 Cross-References: CVE-2026-33721 CVE-2026-45104 Affected Products: openSUSE Leap 16.0...

7.5CVSS5.8AI score0.003EPSS
Exploits2References2
OSV
OSVadded 3 days ago2 views

OPENSUSE-SU-2026:20857-1 Security update for mapserver

This update for mapserver fixes the following issues: Changes in mapserver: - Update to releasee 8.6.3 SLD parser: fix out of bounds access on SLD with only a Rule with a ElseFilter but without a symbolizer CVE-2026-33721, boo1260869 CVE-2026-45104, boo1266663...

7.5CVSS5.8AI score0.003EPSS
Exploits2References4
SUSE CVE
SUSE CVEadded 6 days ago6 views

SUSE CVE-2026-45104

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying - it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References3
OSV
OSVadded 2026/05/27 8:16 p.m.4 views

DEBIAN-CVE-2026-45104

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References1
NVD
NVDadded 2026/05/27 8:16 p.m.9 views

CVE-2026-45104

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS0.00053EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/05/27 6:41 p.m.35 views

CVE-2026-45104 MapServer: NULL pointer dereference in SLD `<ElseFilter>` rule parsing reachable via WMS `SLD_BODY`

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS0.00053EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/05/27 6:41 p.m.6 views

CVE-2026-45104 MapServer: NULL pointer dereference in SLD `<ElseFilter>` rule parsing reachable via WMS `SLD_BODY`

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References1
CVE
CVEadded 2026/05/27 6:41 p.m.11 views

CVE-2026-45104

MapServer CVE-2026-45104 describes a NULL pointer dereference in SLD parsing of rules when exposed via WMS SLD_BODY. From 6.4.0 through before 8.6.3, msSLDParseUserStyle calls _SLDApplyRuleValues(psRule, psLayer, 1) for any with , assuming one class was added. If the rule has no symbolizer (sti...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/27 6:41 p.m.5 views

CVE-2026-45104

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.5 views

PT-2026-44078

Name of the Vulnerable Software and Affected Versions MapServer versions 6.4.0 through 8.6.2 Description A NULL pointer dereference occurs when the msSLDParseUserStyle function calls SLDApplyRuleValuespsRule, psLayer, 1 for any containing an . The system assumes msSLDParseRule added one class;...

7.5CVSS5.8AI score0.00053EPSS
Exploits1References3
Anthropic
Anthropicadded 2026/03/29 8:43 p.m.5 views

ANT-2026-9SZMPW41 · MapServer · Heap Buffer Overflow

heap-buffer-overflow medium CVE-2026-33721 Severity Claude medium · Security research firm medium · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trail of Bits. ANT-2026-9SZMPW41: Heap buffer...

7.5CVSS6AI score0.003EPSS
Exploits1
SUSE CVE
SUSE CVEadded 2026/03/28 12:24 a.m.2 views

SUSE CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer's SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.9AI score0.003EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2026/03/28 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-33721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer's...

7.5CVSS5.8AI score0.003EPSS
Exploits1References2
NVD
NVDadded 2026/03/27 1:16 a.m.0 views

CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS0.003EPSS
Exploits1References3
OSV
OSVadded 2026/03/27 1:16 a.m.2 views

DEBIAN-CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.3AI score0.003EPSS
Exploits1References1
OSV
OSVadded 2026/03/27 1:16 a.m.0 views

UBUNTU-CVE-2026-33721

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

7.5CVSS5.8AI score0.003EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/03/27 12:15 a.m.1 views

CVE-2026-33721 MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS5.9AI score0.003EPSS
Exploits1References2
CVE
CVEadded 2026/03/27 12:15 a.m.13 views

CVE-2026-33721

MapServer (CVE-2026-33721) has a heap-buffer-overflow in the SLD parser triggered by a crafted SLD containing more than 100 Threshold elements in a ColorMap/Categorize structure, exploitable by an unauthenticated remote attacker via WMS GetMap with SLD_BODY. Affects versions up to 4.2 prior to 8....

7.5CVSS5.8AI score0.003EPSS
Exploits1References3Affected Software1
EUVD
EUVDadded 2026/03/27 12:15 a.m.1 views

EUVD-2026-16501

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS5.8AI score0.003EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/27 12:15 a.m.26 views

CVE-2026-33721 MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD Styled Layer Descriptor parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with mor...

5.3CVSS0.003EPSS
Exploits1References2
Rows per page
Query Builder