Description

A flaw was found in GIMP. The issue is a heap buffer over-read in the GIMP PCX file loader caused by an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).

PUBLISHED | Reserved 2026-03-26 | Published 2026-03-26 | Updated 2026-05-26 | Assigner redhat

MEDIUM: 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Problem types

Off-by-one Error

Product status

Default status: affected; unaffected from 8100020260512115927.4c9c024f (rpm) before *

Default status: affected; unaffected from 8040020260520140422.70584597 (rpm) before *

Default status: affected; unaffected from 8040020260520140422.70584597 (rpm) before *

Default status: affected; unaffected from 8060020260520140100.6af1eaf0 (rpm) before *

Default status: affected; unaffected from 8060020260520140100.6af1eaf0 (rpm) before *

Default status: affected; unaffected from 8060020260520140100.6af1eaf0 (rpm) before *

Default status: affected; unaffected from 8080020260520102644.0621e4ee (rpm) before *

Default status: affected; unaffected from 8080020260520102644.0621e4ee (rpm) before *

Default status: affected; unaffected from 2:3.0.4-1.el9_7.5 (rpm) before *

Default status: affected; unaffected from 2:3.0.4-4.el9_8.4 (rpm) before *

Default status: affected; unaffected from 2:2.99.8-3.el9_0.6 (rpm) before *

Default status: unknown

Default status: affected

Timeline

2026-03-26: Reported to Red Hat.
2026-03-26: Made public.

Credits

Red Hat would like to thank Meshaal (@unrealmesh) for reporting this issue.

References

access.redhat.com/errata/RHSA-2026:16484 (RHSA-2026:16484) vendor-advisory

access.redhat.com/errata/RHSA-2026:17533 (RHSA-2026:17533) vendor-advisory

access.redhat.com/errata/RHSA-2026:19362 (RHSA-2026:19362) vendor-advisory

access.redhat.com/errata/RHSA-2026:20552 (RHSA-2026:20552) vendor-advisory

access.redhat.com/errata/RHSA-2026:20553 (RHSA-2026:20553) vendor-advisory

access.redhat.com/errata/RHSA-2026:20554 (RHSA-2026:20554) vendor-advisory

access.redhat.com/errata/RHSA-2026:20691 (RHSA-2026:20691) vendor-advisory

access.redhat.com/security/cve/CVE-2026-4887 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2451669 (RHBZ#2451669) issue-tracking

gitlab.gnome.org/GNOME/gimp/-/issues/15960

cve.org (CVE-2026-4887)

nvd.nist.gov (CVE-2026-4887)