What is the CVSS score of CVE-2026-27809?

CVE-2026-27809 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Python are affected by CVE-2026-27809?

A critical vulnerability in psd-tools (CVE-2026-27809) allows remote code execution through malformed PSD files, affecting any organization using this Python library for file processing.. A patch is available.

Is there a public PoC exploit available for CVE-2026-27809?

Yes, a public proof-of-concept exploit is available for CVE-2026-27809. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-27809?

Within 24 hours: Identify all systems and applications using psd-tools library and assess exposure to untrusted PSD file inputs. Within 7 days: Update psd-tools to version 1.12.2 or later across all affected systems and conduct testing to validate functionality. Within 30 days: Implement input validation and file scanning controls for all PSD file uploads, and document the remediation in your vulnerability management system.

Python CVE-2026-27809

CRITICAL

Integer Overflow or Wraparound (CWE-190)

2026-02-26 security-advisories@github.com

GHSA-24p2-j2jr-386w

Adobe Python Denial Of Service Psd Tools

9.1

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Mar 02, 2026 - 18:55 vuln.today

Public exploit code

Patch released

Mar 02, 2026 - 18:55 nvd

Patch available

CVE Published

Feb 26, 2026 - 00:16 nvd

CRITICAL 9.1

DescriptionGitHub Advisory

psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior to version 1.12.2, when a PSD file contains malformed RLE-compressed image data (e.g. a literal run that extends past the expected row size), decode_rle() raises ValueError which propagated all the way to the user, crashing psd.composite() and psd-tools export. decompress() already had a fallback that replaces failed channels with black pixels when result is None, but it never triggered because the ValueError from decode_rle() was not caught. The fix in version 1.12.2 wraps the decode_rle() call in a try/except so the existing fallback handles the error gracefully.

AnalysisAI

Integer overflow in psd-tools Python library before 1.12.2 when processing malformed RLE-compressed PSD files leads to heap overflow. PoC and patch available.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malformed PSD file with RLE data

Exploit

Upload or open PSD in psd-tools

Execution

Trigger decode_rle() ValueError

Impact

Crash application and corrupt output

Access

Craft malformed PSD file with RLE data

Exploit

Upload or open PSD in psd-tools

Execution

Trigger decode_rle() ValueError

Impact

Crash application and corrupt output

Vulnerability AssessmentAI

Exploitation	PSD file with malformed RLE-compressed image data where literal run extends past expected row size. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 9.1. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	Attacker uploads crafted PSD file that triggers integer overflow during RLE decompression, causing heap corruption.
Remediation	Update psd-tools to 1.12.2. Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems and applications using psd-tools library and assess exposure to untrusted PSD file inputs. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-48039 CRITICAL Act Now POC

9.1 Jun 11

Unauthenticated remote attackers can invoke MCP tool handlers and exfiltrate the operator's long-lived Meta Graph API ac

CVE-2026-20251 HIGH This Week

8.8 Jun 10

Remote code execution in Splunk Enterprise, Splunk Cloud Platform, and the Splunk Secure Gateway app allows a low-privil

CVE-2026-53753 CRITICAL Act Now

9.8 Jun 16

Unauthenticated remote code execution in Crawl4AI versions <= 0.8.6 allows attackers to escape the AST-based sandbox in

CVE-2026-48519 CRITICAL Act Now

9.6 Jun 16

Remote code execution in Langflow versions through 1.9.1 allows unauthenticated attackers to execute arbitrary Python co

CVE-2026-45833 CRITICAL Act Now

9.4 Jun 12

Authenticated remote code execution in ChromaDB Python project versions 0.4.17 and later enables attackers holding the U

CVE-2026-27809 vulnerability details – vuln.today

Back

Python CVE-2026-27809

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

More from same product – last 7 days

Share

External POC / Exploit Code