🔐 CVE Alert

CVE-2026-33721

MEDIUM 5.3

MapServer has heap buffer overflow in SLD `Categorize` Threshold parsing

CVSS Score: 5.3
EPSS Score: 0.2%
EPSS Percentile: 43rd

MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue.

CWE: CWE-787
Vendor: mapserver
Product: mapserver
Published: Mar 27, 2026
Last Updated: Apr 17, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: Low

Affected Versions

MapServer / MapServer
>= 4.2, < 8.6.1

References

NVD, CVE.org, EPSS Data
github.com: https://github.com/MapServer/MapServer/security/advisories/GHSA-cv4m-mr84-fgjp
github.com: https://github.com/MapServer/MapServer/releases/tag/rel-8-6-1
lists.debian.org: https://lists.debian.org/debian-lts-announce/2026/04/msg00017.html