CVE-2026-34734
Published: 09 April 2026
Summary
CVE-2026-34734 is a high-severity Use After Free (CWE-416) vulnerability in the HDF Group's HDF5. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). It is ranked at the 5.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-34734 is a heap-use-after-free vulnerability (CWE-416) affecting the h5dump helper utility in HDF5 versions 1.14.1-2 and earlier. HDF5 is software for managing data, and the flaw arises when processing a malicious .h5 file. Specifically, an object allocated by H5D__typeinfo_init_phase3 and freed by H5D__typeinfo_term is improperly referenced in a memmove call from H5T__conv_struct, leading to the use-after-free condition. The vulnerability was published on 2026-04-09 and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
Exploitation requires local access with low attack complexity and no privileges, but it relies on user interaction, such as convincing a user to run h5dump on a supplied malicious .h5 file. Successful exploitation has high impact on confidentiality, integrity, and availability, potentially enabling arbitrary code execution or compromise of the affected machine.
The primary reference is the security advisory published by the HDF Group at https://github.com/HDFGroup/hdf5/security/advisories/GHSA-w7v2-9cmr-pwwj, which security practitioners should review for details on available patches and recommended mitigations.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-21020
Vulnerability details
HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5T__conv_struct. The original object was allocated by H5D__typeinfo_init_phase3 and freed by H5D__typeinfo_term.
- CWE(s): CWE-416 (Use After Free)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The heap use-after-free in h5dump can lead to arbitrary code execution when a malicious .h5 file is processed, which maps directly to T1203 (Exploitation for Client Execution) and, because it depends on a user opening the file, to T1204.002 (User Execution: Malicious File).
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly mitigates the heap-use-after-free vulnerability by requiring timely patching of the affected HDF5 h5dump utility as per vendor advisories.
- SI-16 (Memory Protection): Implements memory protection mechanisms such as ASLR and DEP that reduce the exploitability of heap use-after-free conditions in h5dump.
- RA-5 (Vulnerability Monitoring and Scanning): Enables vulnerability scanning to identify and prioritize remediation of CVE-2026-34734 in deployed HDF5 versions.