What is the CVSS score of CVE-2026-44636?

CVE-2026-44636 has a CVSS 3.1 base score of 7.4 (High). CVSS vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of libsixel are affected by CVE-2026-44636?

CVE-2026-44636 is a heap buffer overflow in libsixel 1.8.7-r1 affecting image encoding functionality; local attackers can crash applications or execute arbitrary code by supplying specially crafted…. A patch is available.

libsixel CVE-2026-44636

EUVD-2026-30409 HIGH

Heap-based Buffer Overflow (CWE-122)

2026-05-14 GitHub_M

Buffer Overflow Heap Overflow Suse

7.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch available

May 14, 2026 - 21:32 EUVD

Analysis Generated

May 14, 2026 - 21:15 vuln.today

CVE Published

May 14, 2026 - 20:01 nvd

HIGH 7.4

DescriptionNVD

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel_encode entry point validates only that width and height are greater than zero, with no upper bound. width and height are multiplied as plain int when computing the allocation size for paletted_pixels and normalized_pixels. Any caller that asks libsixel to encode a pixel buffer with width times height greater than INT_MAX (about 2.15 billion) will hit a wrapped allocation size; under the right wrap, the malloc succeeds with a buffer much smaller than the encoder expects, and the encoder writes past the end of the heap allocation. This vulnerability is fixed in 1.8.7-r2.

AnalysisAI

Heap buffer overflow in libsixel 1.8.7-r1 and earlier allows local attackers to execute arbitrary code or crash the application when encoding images with dimensions exceeding 2.15 billion pixels. The sixel_encode_highcolor function contains a signed integer overflow in allocation size calculation that wraps to a small value, causing malloc to succeed with an undersized buffer that the encoder subsequently overflows. …

RemediationAI

Within 24 hours: Inventory systems and applications using libsixel 1.8.7-r1 or earlier; check vendor advisory status for patch release timeline. Within 7 days: Implement input validation on image dimensions (reject files claiming dimensions exceeding 2 billion pixels); restrict libsixel processing to trusted image sources where feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

Vendor StatusVendor

CVE-2026-44636 vulnerability details – vuln.today

Back

libsixel CVE-2026-44636

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code