What is the CVSS score of CVE-2026-30479?

CVE-2026-30479 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of N A are affected by CVE-2026-30479?

OSGeo MapServer versions prior to 8.0 contain a critical remote code execution vulnerability (CVE-2026-30479) allowing unauthenticated attackers to execute arbitrary commands with no user interaction…

N A CVE-2026-30479

EUVD-2026-20932 CRITICAL

Code Injection (CWE-94)

2026-04-09 mitre

GHSA-4mx6-xfr3-7q7g

RCE Code Injection N A

9.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 17:25 vuln.today

CVSS changed

Apr 14, 2026 - 17:22 NVD

9.1 (CRITICAL)

EUVD ID Assigned

Apr 09, 2026 - 16:30 euvd

EUVD-2026-20932

CVE Published

Apr 09, 2026 - 00:00 nvd

N/A

DescriptionNVD

A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable.

AnalysisAI

Remote code execution in OSGeo MapServer versions prior to 8.0 enables unauthenticated attackers to execute arbitrary code through dynamic-link library (DLL) injection via a specially crafted executable. The vulnerability requires no user interaction and has low attack complexity (CVSS 9.1 Critical), though real-world exploitation probability remains low (EPSS 2%, 5th percentile). …

RemediationAI

Within 24 hours: Identify and document all MapServer instances running versions prior to 8.0 across the organization; isolate any internet-facing instances from production networks if possible. Within 7 days: Evaluate upgrade feasibility to MapServer 8.0 or later; if immediate upgrade is infeasible, implement network-level access controls (firewall rules, WAF policies) to restrict external connections to MapServer ports. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-30479 vulnerability details – vuln.today

Back

N A CVE-2026-30479

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code