Stack-based Buffer Overflow in GMT Command-line Tools Affecting Geographic Data Manipulation
CVE-2026-33147

7.3HIGH

Key Information:

Vendor: Genericmappingtools
Status: Gmt
Vendor: CVE Published:; 20 March 2026

🔔 Create Genericmappingtools Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-33147?

A stack-based buffer overflow has been identified in the gmt_remote_dataset_id function within the GMT command-line tools, specifically versions 6.6.0 and earlier. This vulnerability arises when a specifically crafted long string is provided as a dataset identifier through the which module, potentially leading to crashes or allowing for arbitrary code execution. Users are encouraged to upgrade to the patched version to mitigate the risk associated with this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

gmt <= 6.6.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-33147
Created by redyank

References

https://github.com/GenericMappingTools/gmt/security/advis...

x_refsource_CONFIRM

https://github.com/GenericMappingTools/gmt/commit/0ad2b49...

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Apr 3, 2026
👾
Exploit known to exist
Apr 3, 2026
Vulnerability published
Mar 20, 2026
Vulnerability Reserved
Mar 17, 2026

JSON

Genericmappingtools