Skip to main content

Mapserver EUVD-2026-16501

| CVE-2026-33721 MEDIUM
Out-of-bounds Write (CWE-787)
2026-03-27 GitHub_M
Buffer Overflow Memory Corruption Mapserver
5.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SUSE
MEDIUM
qualitative
Red Hat
7.5 HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
8.6.1
EUVD ID Assigned
Mar 27, 2026 - 00:45 euvd
EUVD-2026-16501
Analysis Generated
Mar 27, 2026 - 00:45 vuln.today
CVE Published
Mar 27, 2026 - 00:15 nvd
MEDIUM 5.3

DescriptionGitHub Advisory

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue.

AnalysisAI

MapServer versions 4.2 through 8.6.0 are vulnerable to a heap buffer overflow in the SLD (Styled Layer Descriptor) parser that allows remote, unauthenticated attackers to crash the MapServer process by sending a crafted SLD document containing more than 100 Threshold elements within a ColorMap/Categorize structure. The vulnerability is reachable via WMS GetMap requests using the SLD_BODY parameter, requiring no authentication or user interaction. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment The CVSS v3.1 score of 5.3 (Medium) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L reflects a network-accessible, low-complexity attack with no privilege or interaction requirements that causes availability loss (denial of service). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts an HTTP GET request to a publicly accessible MapServer WMS endpoint with an SLD_BODY parameter containing a malformed SLD XML document with a ColorMap/Categorize element defining 101 Threshold children, exceeding the parser's internal buffer allocation. When the MapServer process parses this request, the buffer overflow writes beyond allocated heap memory, corrupting adjacent data structures and causing a process crash or segmentation fault. …
Remediation Upgrade MapServer to version 8.6.1 or later immediately. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 30 days: Identify affected systems running version 4.2 and and apply vendor patches as part of regular patch cycle. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Medium

Share

EUVD-2026-16501 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy