How to fix CVE-2025-15059?

Within 24 hours: Identify all systems running GIMP and assess usage in production environments. Within 7 days: Deploy available vendor patch to all GIMP installations; restrict file upload capabilities where PSP format support is not required. Within 30 days: Conduct post-patch validation testing and review access logs for suspicious PSP file handling activity.

Is Heap Overflow affected by CVE-2025-15059?

A critical remote code execution vulnerability in GIMP (CVE-2025-15059) allows attackers to execute arbitrary commands on systems running affected versions through malicious PSP file uploads.

CVE-2025-15059

HIGH

2026-01-23 [email protected]

7.8

CVSS 3.0

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

Patch Released

Feb 26, 2026 - 20:04 nvd

Patch available

CVE Published

Jan 23, 2026 - 04:16 nvd

HIGH 7.8

Description

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.

Analysis

Technical Context

Classified as CWE-122 (Heap-based Buffer Overflow). Affects Gimp. GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-

Affected Products

Vendor: Gimp. Product: Gimp. Versions: up to 3.0.6.

Remediation

A vendor patch is available — apply it immediately. Enable ASLR, DEP/NX, and stack canaries where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +39

POC: 0

Vendor Status

CVE-2025-15059 vulnerability details – vuln.today

Back

CVE-2025-15059

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

CVE-2025-15059

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

External POC / Exploit Code