Skip to main content

Libsixel CVE-2025-61146

MEDIUM
Memory Leak (CWE-401)
2026-02-23 cve@mitre.org
4.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.0 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SUSE
3.1 LOW
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
Patch released
Feb 26, 2026 - 20:01 nvd
Patch available
CVE Published
Feb 23, 2026 - 19:22 nvd
MEDIUM 4.0

DescriptionCVE.org

saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.

AnalysisAI

saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c. [CVSS 4.0 MEDIUM]

Technical ContextAI

Classified as CWE-401 (Memory Leak). Affects the a memory leak via the component of Libsixel. saitoha libsixel until v1.8.7 was discovered to contain a memory leak via the component malloc_stub.c.

RemediationAI

A vendor patch is available — apply it immediately.

CVE-2019-20140 HIGH POC
8.8 Dec 30

An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-20094 HIGH POC
8.8 Dec 30

An issue was discovered in libsixel 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-20205 HIGH POC
8.8 Jan 02

libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. Rated high severity (CVSS 8.8), this vulnerabil

CVE-2021-41715 HIGH POC
8.8 Apr 08

libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379. Rated high severity (CVSS 8.8), this vulne

CVE-2020-21548 HIGH POC
8.8 Sep 17

Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Rated high sev

CVE-2020-21547 HIGH POC
8.8 Sep 17

Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. Rated high severity (C

CVE-2019-19778 HIGH POC
8.8 Dec 13

An issue was discovered in libsixel 1.8.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, n

CVE-2019-19777 HIGH POC
8.8 Dec 13

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read i

CVE-2021-40656 HIGH POC
8.8 Apr 08

libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. Rated high severity (CVSS 8.8), this

CVE-2022-27044 HIGH POC
8.8 Apr 08

libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. Rated high severity (CVSS 8.8), this vulnerab

CVE-2022-27046 HIGH POC
8.8 Apr 08

libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388. Rated high severity (CV

CVE-2019-3574 HIGH POC
7.8 Jan 02

In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstr

Vendor StatusVendor

SUSE

Severity: Low

Share

CVE-2025-61146 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy