
GIMP: EUVD-2026-16341 | CVE-2026-2272

Severity: MEDIUM (CVSS 3.1 score 4.3)
Weakness: Integer Overflow or Wraparound (CWE-190)
2026-03-26 | redhat | GHSA-8g7q-m2xj-67ch

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: Low

Lifecycle Timeline

Patch released: Mar 31, 2026 - 21:13 (nvd), patch available
EUVD ID Assigned: Mar 26, 2026 - 20:31 (euvd), EUVD-2026-16341
Analysis Generated: Mar 26, 2026 - 20:31 (vuln.today)
CVE Published: Mar 26, 2026 - 20:00 (nvd), MEDIUM 4.3

Description (NVD)

A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the ico_read_info and ico_read_icon functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized image headers to bypass security checks. A remote attacker could exploit this by providing a specially crafted ICO file, leading to a buffer overflow and memory corruption, which may result in an application level denial of service.
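The wraparound described above, as an added example that is not GIMP's code: a buffer-size check whose product is evaluated in 32 bits, beside a form that widens to 64 bits and checks against the cap before the final multiplication. The function names, the `MAX_BUF_BYTES` cap and the header values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical cap on a decoded image buffer (assumption, not GIMP's value). */
#define MAX_BUF_BYTES (256u * 1024u * 1024u)

/* Weak check: the product is evaluated in 32 bits and wraps modulo 2^32
 * before it is compared, so an oversized header can look small. */
bool size_ok_wrapping(uint32_t width, uint32_t height, uint32_t bpp,
                      uint32_t *out)
{
    uint32_t size = width * height * bpp;
    *out = size;
    return size <= MAX_BUF_BYTES;
}

/* Hardened check: widen to 64 bits, reject zero dimensions, and compare
 * against the cap before the final multiplication. */
bool size_ok_checked(uint32_t width, uint32_t height, uint32_t bpp,
                     uint64_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return false;
    uint64_t pixels = (uint64_t)width * height;   /* cannot overflow 64 bits */
    if (pixels > MAX_BUF_BYTES / bpp)
        return false;
    *out = pixels * bpp;
    return true;
}

int main(void)
{
    /* Constructed header values: true size is 65537 * 65536 * 4 bytes. */
    uint32_t w = 65537, h = 65536, bpp = 4, small = 0;
    uint64_t big = 0;
    bool weak = size_ok_wrapping(w, h, bpp, &small);
    bool hard = size_ok_checked(w, h, bpp, &big);
    printf("32-bit check: %s, computed size %u bytes\n",
           weak ? "accepted" : "rejected", (unsigned)small);
    printf("64-bit check: %s\n", hard ? "accepted" : "rejected");
    return 0;
}
```

The 32-bit check accepts the constructed header because the computed size wraps to a small value, which is the condition under which a later allocation would be undersized for the pixel data.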

Analysis (AI)

A security vulnerability in GIMP (CVSS 4.3). Remediation should follow standard vulnerability management procedures.


Remediation (AI)

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.


Vendor Status

Ubuntu

Priority: Medium
gimp
Release Status Version
xenial needs-triage -
bionic needs-triage -
focal needs-triage -
jammy needs-triage -
noble needs-triage -
questing needs-triage -
upstream needs-triage -

Debian

Bug #1127842
gimp
Release Status Fixed Version Urgency
bullseye fixed 2.10.22-4+deb11u6 -
bullseye (security) fixed 2.10.22-4+deb11u7 -
bookworm fixed 2.10.34-1+deb12u8 -
bookworm (security) fixed 2.10.34-1+deb12u9 -
trixie, trixie (security) fixed 3.0.4-3+deb13u7 -
forky fixed 3.2.0~RC3-1 -
sid fixed 3.2.0-1 -
trixie fixed 3.0.4-3+deb13u6 -
(unstable) fixed 3.2.0~RC2-3.2 -
