HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/