{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T17:45:26.622","vulnerabilities":[{"cve":{"id":"CVE-2026-26200","sourceIdentifier":"security-advisories@github.com","published":"2026-02-19T20:25:42.610","lastModified":"2026-02-20T20:14:37.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue."},{"lang":"es","value":"HDF5 es un software para la gestión de datos. Antes de la versión 1.14.4-2, un atacante que puede controlar un archivo 'h5' analizado por HDF5 puede desencadenar una condición de desbordamiento de búfer de montículo basado en escritura. Esto puede llevar a una condición de denegación de servicio, y potencialmente a problemas adicionales como la ejecución remota de código dependiendo de la explotabilidad práctica del desbordamiento de montículo contra sistemas operativos modernos. La explotabilidad real de este problema en términos de ejecución remota de código es actualmente desconocida. La versión 1.14.4-2 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*","versionEndExcluding":"1.14.4.2","matchCriteriaId":"75A3E09A-12A9-4186-9CA7-F34D0D169F17"}]}]}],"references":[{"url":"https://github.com/HDFGroup/hdf5/security/advisories/GHSA-5p2m-j456-9mr2","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]}]}}]}