CVE-2026-33721Out-of-bounds Write in Mapserver

CWE-787Out-of-bounds Write7 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 56.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Osgeo MapserverDebian MapserverMapserver
Timeline
PublishedMar 27

Description

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

NVDosgeo/mapserver4.2.08.6.1
debiandebian/mapserver< mapserver 8.6.1-1 (forky)
Debianosgeo/mapserver< 8.6.1-1
CVEListV5mapserver/mapserver>= 4.2, < 8.6.1

🔴Vulnerability Details

1
OSV
CVE-2026-33721: MapServer is a system for developing web-based GIS applications2026-03-27

📋Vendor Advisories

2
Red Hat
MapServer: MapServer: Denial of Service via crafted Styled Layer Descriptor2026-03-27
Debian
CVE-2026-33721: mapserver - MapServer is a system for developing web-based GIS applications. Starting in ver...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-33721 Impact, Exploitability, and Mitigation Steps | Wiz

💬Community

2
Bugzilla
CVE-2026-33721 mapserver: MapServer: Denial of Service via crafted Styled Layer Descriptor [fedora-all]2026-03-27
Bugzilla
CVE-2026-33721 mapserver: MapServer: Denial of Service via crafted Styled Layer Descriptor [epel-all]2026-03-27
CVE-2026-33721 — Out-of-bounds Write in Osgeo Mapserver | cvebase