Skip to main content

Sail CVE-2026-27168

HIGH
Heap-based Buffer Overflow (CWE-122)
2026-02-21 security-advisories@github.com
8.8
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.8 HIGH
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 22:04 vuln.today
PoC Detected
Mar 02, 2026 - 13:28 vuln.today
Public exploit code
CVE Published
Feb 21, 2026 - 00:16 nvd
HIGH 8.8

DescriptionGitHub Advisory

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytes_per_line value. The value os read directly from the file as the read size in io->strict_read(), and is never compared to the actual size of the destination buffer. An attacker can provide an XWD file with an arbitrarily large bytes_per_line, causing a massive write operation beyond the buffer heap allocated for the image pixels. The issue did not have a fix at the time of publication.

AnalysisAI

The SAIL image library contains a heap buffer overflow in its XWD file parser that fails to validate the bytes_per_line value read from untrusted files, allowing attackers to trigger out-of-bounds memory writes during image processing. Public exploit code exists for this vulnerability affecting all versions of SAIL. No patch is currently available, leaving users of this cross-platform image loading library exposed to potential code execution or denial of service attacks.

Technical ContextAI

Classified as CWE-122 (Heap-based Buffer Overflow). Affects Sail. SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. All versions are vulnerable to Heap-based Buffer Overflow through the XWD parser's use of the bytes_per_line value. The value os read directly from the file as the read size in io->strict_read(), and is never compared to the actual size of the destination buffer. An attacker can provide an XWD file with an arbitrarily large bytes_per_line, causing a massive write operation beyon

RemediationAI

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

More in Sail

View all
CVE-2026-40494 CRITICAL
9.8 Apr 18

Heap buffer overflow in SAIL image library's TGA decoder allows remote code execution via malformed RLE-compressed TGA f

CVE-2026-40493 CRITICAL
9.8 Apr 18

Heap buffer overflow in SAIL PSD codec allows remote code execution when processing malicious LAB-mode PSD files. Affect

CVE-2026-40492 CRITICAL
9.8 Apr 18

Out-of-bounds memory access in SAIL image library's XWD codec allows remote attackers to achieve arbitrary code executio

CVE-2025-53510 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9

CVE-2025-53085 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8

CVE-2025-52930 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9

CVE-2025-52456 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.

CVE-2025-50129 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9

CVE-2025-46407 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library

CVE-2025-35984 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9

CVE-2025-32468 HIGH POC
8.8 Aug 25

A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0

Share

CVE-2026-27168 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy