Skip to main content

Libraw CVE-2026-20911

| EUVD-2026-19622 CRITICAL
Incorrect Calculation of Buffer Size (CWE-131)
2026-04-07 talos GHSA-rc49-6x7v-hf76
Buffer Overflow Libraw
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SUSE
CRITICAL
qualitative
Red Hat
7.5 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Apr 09, 2026 - 14:30 nvd
Patch available
EUVD ID Assigned
Apr 07, 2026 - 14:30 euvd
EUVD-2026-19622
Analysis Generated
Apr 07, 2026 - 14:30 vuln.today
CVE Published
Apr 07, 2026 - 13:49 nvd
CRITICAL 9.8

DescriptionCVE.org

A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

AnalysisAI

Heap-based buffer overflow in LibRaw's HuffTable::initval function allows unauthenticated remote attackers to achieve arbitrary code execution via malformed image files. Affects LibRaw commits 0b56545 and d20315b with CVSS 9.8 critical severity. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Provide malicious RAW image file
Exploit
LibRaw processes HuffTable::initval function
Execution
Trigger heap buffer overflow
Impact
Execute arbitrary code with full privileges
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Remote attacker sends a specially crafted malicious image file to LibRaw (Commit 0b56545 or d20315b). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment This represents a critical-severity vulnerability with exceptionally favorable exploitation characteristics from an attacker perspective. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious RAW image file with manipulated Huffman table metadata designed to trigger incorrect buffer size calculations in LibRaw's HuffTable::initval function. The attacker uploads this file to a vulnerable web application's photo upload feature or sends it as an email attachment to an organization using LibRaw-based image processing in their mail gateway. …
Remediation Organizations should immediately upgrade to a LibRaw version post-dating the vulnerable commits 0b56545 and d20315b once a patched release is published. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Identify all systems and applications using LibRaw and document which commits (0b56545, d20315b) are present; restrict image file processing to trusted sources only and disable automatic image preview/processing features where feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed

Share

CVE-2026-20911 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy