Skip to main content

CVE-2026-30006

| EUVDEUVD-2026-14467 MEDIUM
Classic Buffer Overflow (CWE-120)
2026-03-23 mitre GHSA-h33x-g7hg-8q7v
6.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.2 MEDIUM
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 23, 2026 - 17:00 euvd
EUVD-2026-14467
Analysis Generated
Mar 23, 2026 - 17:00 vuln.today
CVE Published
Mar 23, 2026 - 00:00 nvd
MEDIUM 6.2

DescriptionCVE.org

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file.

AnalysisAI

XnSoft NConvert version 7.230 contains a stack buffer overflow vulnerability triggered by specially crafted TIFF files, allowing an attacker to overwrite stack memory and potentially execute arbitrary code or cause denial of service. The vulnerability affects the image conversion functionality of NConvert, a widely-used command-line image conversion tool. A proof-of-concept exploit has been documented on GitHub (PassMoon/Nconvert_Vul), indicating public awareness and potential active exploitation risk.

Technical ContextAI

NConvert is a multi-format image conversion utility that processes various image file formats including TIFF. The vulnerability resides in the TIFF file parsing routine, where insufficient bounds checking on input data allows a stack buffer overrun. This represents a classic CWE-674 (Uncontrolled Recursion) or CWE-120 (Buffer Copy without Checking Size of Input) vulnerability in the image decoder logic. When NConvert processes a malformed TIFF file with oversized or specially crafted metadata or image data sections, the parser writes beyond allocated stack buffer boundaries, corrupting adjacent stack frames and potentially hijacking control flow.

RemediationAI

Immediately cease use of NConvert 7.230 and upgrade to the latest available version from the official XnSoft website (https://www.xnview.com/en/nconvert/#downloads), verifying that the new version addresses this buffer overflow. Until a patched version is deployed, implement input validation by sandboxing NConvert execution in a restricted environment (Docker container, virtual machine, or OS-level sandbox) with minimal privileges and resource limits to contain potential exploitation. Additionally, restrict NConvert usage to trusted, authenticated sources of TIFF files only, and disable automatic or untrusted file processing workflows. Monitor vendor announcements and security advisories from XnSoft for official patch releases and version recommendations. If NConvert is critical to operations, evaluate alternative image conversion tools with better security postures during the interim period.

Share

CVE-2026-30006 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy