Skip to main content

GIMP CVE-2026-58379

| EUVDEUVD-2026-41560 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-07-03 redhat GHSA-rx3j-28q8-xw3m
7.3
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
7.3 HIGH
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Opening a crafted file needs no privileges (PR:N over the vendor's PR:L) but requires local file-open interaction (AV:L/UI:R); a heap overflow to code execution yields full C:H/I:H/A:H.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 03, 2026 - 19:21 vuln.today
CVE Published
Jul 03, 2026 - 18:29 cve.org
HIGH 7.3

DescriptionCVE.org

A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory.

AnalysisAI

Heap-based buffer overflow in GIMP's Paint Shop Pro (PSP) image format parser lets an attacker achieve arbitrary code execution or crash the application when a victim opens a maliciously crafted PSP file. The flaw stems from incorrect buffer-size arithmetic on low bit-depth images, and affects GIMP as shipped across Red Hat Enterprise Linux 6 through 9. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious PSP file with bad low-bit-depth fields
Delivery
Deliver file via email or download
Exploit
User opens file in GIMP
Execution
PSP parser under-allocates heap buffer
Persist
Overflow overwrites adjacent heap memory
Impact
Execute code as user or crash GIMP

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to open a specially crafted Paint Shop Pro (PSP/PSPImage) file in GIMP; the overflow is only reached through the PSP import code path processing a low bit-depth image, so files of other formats or higher bit-depths do not trigger it. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals point to a real but not urgent client-side risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a PSP image file with malformed low bit-depth header fields and delivers it to a victim via email, chat, or a download link, counting on the user to open it in GIMP. When GIMP's PSP loader parses the file, the miscalculated allocation is overflowed, corrupting adjacent heap memory to either crash GIMP (DoS) or, with a reliable heap layout, execute code in the user's context. …
Remediation Apply the vendor GIMP package update once released for your RHEL version; the upstream code fix is available as GNOME GIMP commit https://gitlab.gnome.org/GNOME/gimp/-/commit/b630f167, so this is best described as an upstream fix available (commit); a released patched RHEL package version is not independently confirmed in the provided data, so monitor https://access.redhat.com/security/cve/CVE-2026-58379 for the errata and exact fixed NEVRA. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all GIMP installations on RHEL 6-9 systems and communicate to users that PSP files from external or untrusted sources should not be opened. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-4480 CRITICAL POC
9.0 May 26

Remote code execution in Samba's printing subsystem allows remote attackers to inject arbitrary shell commands via craft

CVE-2026-14544 CRITICAL
9.8 Jul 03

Remote code execution and privilege escalation in HPLIP (HP Linux Imaging and Printing) affects the hpcups print filter

CVE-2026-33845 CRITICAL
9.1 Apr 30

Out-of-bounds read in the GnuTLS DTLS handshake reassembly logic lets remote unauthenticated attackers trigger an intege

CVE-2026-11610 HIGH
8.8 Jul 07

Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LD

CVE-2026-14474 HIGH
8.8 Jul 07

Local-to-domain-wide root privilege escalation in SSSD's LDAP sudo provider allows an authenticated LDAP directory user

CVE-2026-52720 HIGH
8.8 Jun 15

Heap buffer overflow in GStreamer's librfb (RFB/VNC client) allows a malicious VNC server to corrupt heap memory on a co

CVE-2026-5260 HIGH
8.2 May 26

Information disclosure and denial of service in GnuTLS (libgnutls) let a remote, unauthenticated attacker trigger a heap

CVE-2026-0966 HIGH
8.2 Mar 26

Remote denial-of-service in libssh 0.11.x and earlier allows unauthenticated attackers to crash SSH server daemon proces

CVE-2026-42013 HIGH
8.2 May 26

Here is the multi-source synthesis as a single JSON object: ```json { "product_name": "GnuTLS", "summary": "Certifi

CVE-2026-14476 HIGH
8.0 Jul 07

Privilege escalation to root and Kerberos-based authentication bypass in SSSD's Active Directory GPO provider affects Re

CVE-2026-58384 HIGH
7.8 Jul 07

Heap memory corruption in GIMP's PSD (Photoshop) file parser allows a malicious .psd image to overflow an integer in rea

CVE-2026-58380 HIGH
7.8 Jul 06

Stack-based memory corruption in GIMP's PNM image parser lets an attacker execute code or crash the application when a v

Share

CVE-2026-58379 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy