HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/