
gdk-pixbuf EUVD-2026-17343

CVE-2026-5201 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-03-31 redhat
CVSS 3.1: 7.5

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline

Apr 30, 2026 - 08:28, vuln.today: Analysis Updated, v7 (cvss_changed)
Apr 30, 2026 - 06:28, vuln.today: Analysis Updated, v6 (cvss_changed)
Apr 28, 2026 - 09:28, vuln.today: Analysis Updated, v5 (cvss_changed)
Apr 28, 2026 - 08:28, vuln.today: Analysis Updated, v4 (cvss_changed)
Apr 27, 2026 - 10:27, vuln.today: Analysis Updated, v3 (cvss_changed)
Apr 27, 2026 - 03:27, vuln.today: Analysis Updated, v2 (cvss_changed)
Apr 27, 2026 - 03:22, vuln.today: Re-analysis Queued, cvss_changed
Mar 31, 2026 - 21:13, nvd: Patch released, Patch available
Mar 31, 2026 - 08:45, euvd: EUVD ID Assigned, EUVD-2026-17343
Mar 31, 2026 - 08:45, vuln.today: Analysis Generated
Mar 31, 2026 - 08:32, nvd: CVE Published, HIGH 7.5

Description (NVD)

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

Analysis (AI)

Heap-based buffer overflow in gdk-pixbuf's JPEG image loader enables remote denial of service through malformed JPEG images without user interaction. The vulnerability triggers during automated image processing operations like thumbnail generation across Red Hat Enterprise Linux 6 through 10, allowing unauthenticated network attackers to crash applications that process JPEG images. …

Remediation (AI)

Within 24 hours: Identify systems running gdk-pixbuf on RHEL 6-10 and document which handle untrusted image inputs (web apps, email servers, document processors). Within 7 days: Apply vendor-released patch to gdk-pixbuf across all affected systems; prioritize production servers accepting external JPEG uploads. …
