CVE-2026-40385 | THREATINT

Description

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

PUBLISHED Reserved 2026-04-12 | Published 2026-04-12 | Updated 2026-04-14 | Assigner mitre

MEDIUM: 4.0CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

Problem types

CWE-190 Integer Overflow or Wraparound

Product status

Default status

unknown

Any version

affected

References

github.com/...ommit/93003b93e50b3d259bd2227d8775b73a53c35d58

cve.org (CVE-2026-40385)

nvd.nist.gov (CVE-2026-40385)

Download JSON