What is the CVSS score of CVE-2026-4152?

CVE-2026-4152 has a CVSS 3.0 base score of 7.8 (High). CVSS vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Red Hat are affected by CVE-2026-4152?

CVE-2026-4152 is a critical remote code execution vulnerability in GIMP's JPEG 2000 image parser that allows attackers to execute arbitrary code on user systems through crafted image files.. A patch is available.

How to fix or mitigate CVE-2026-4152?

Within 24 hours: Disable GIMP or restrict it to trusted image sources only; communicate vulnerability to all users via security alert. Within 7 days: Implement technical controls blocking JP2 file execution in GIMP (via endpoint policy if available), or uninstall GIMP from high-risk endpoints. Within 30 days: Monitor vendor security advisories for patch availability; evaluate alternative image processing tools without this vulnerability; conduct audit of GIMP usage across the organization to identify business-critical dependencies requiring prioritized patching once available.

Red Hat CVE-2026-4152

EUVD-2026-21633 HIGH

Heap-based Buffer Overflow (CWE-122)

2026-04-11 zdi

RCE Buffer Overflow Heap Overflow Red Hat Suse

7.8

CVSS 3.0

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Apr 11, 2026 - 01:00 euvd

EUVD-2026-21633

Analysis Generated

Apr 11, 2026 - 01:00 vuln.today

CVE Published

Apr 11, 2026 - 00:15 nvd

HIGH 7.8

DescriptionNVD

GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863.

AnalysisAI

Heap-based buffer overflow in GIMP's JP2 image parser enables unauthenticated remote code execution when users open crafted JPEG 2000 files. The vulnerability stems from insufficient validation of user-supplied data length before copying to heap memory, allowing attackers to execute arbitrary code with user privileges. …

RemediationAI

Within 24 hours: Disable GIMP or restrict it to trusted image sources only; communicate vulnerability to all users via security alert. Within 7 days: Implement technical controls blocking JP2 file execution in GIMP (via endpoint policy if available), or uninstall GIMP from high-risk endpoints. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory