Skip to main content

Gimp EUVDEUVD-2026-21638

| CVE-2026-4154 HIGH
Integer Overflow or Wraparound (CWE-190)
2026-04-11 zdi
7.8
CVSS 3.1 · Vendor: zdi
Share

Severity by source

Vendor (zdi) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SUSE
HIGH
qualitative
Red Hat
7.8 HIGH
qualitative

Primary rating from Vendor (zdi).

CVSS VectorVendor: zdi

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Apr 11, 2026 - 02:30 nvd
Patch available
EUVD ID Assigned
Apr 11, 2026 - 01:00 euvd
EUVD-2026-21638
Analysis Generated
Apr 11, 2026 - 01:00 vuln.today
CVE Published
Apr 11, 2026 - 00:16 nvd
HIGH 7.8

DescriptionCVE.org

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of XPM files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28901.

AnalysisAI

Integer overflow in GIMP XPM file parser enables remote code execution when processing malicious XPM image files. Affects GIMP installations across platforms. Attackers can execute arbitrary code in victim's process context by delivering crafted XPM files via social engineering or drive-by downloads. Vulnerability requires user interaction (opening malicious file). CVSS 7.8 (High severity). No public exploit identified at time of analysis. Upstream patch committed to GIMP repository; vendor-released version not independently confirmed.

Technical ContextAI

Integer overflow vulnerability (CWE-190) in XPM image format parser stems from insufficient validation of user-supplied dimensional data before buffer allocation. Overflow occurs during size calculation for image data structures, resulting in undersized buffer allocation. Subsequent operations write beyond allocated boundaries, enabling memory corruption and control-flow hijacking. Affects cpe:2.3:a:gimp:gimp product line.

RemediationAI

Upstream fix available (commit 2e7ed91793792d9e980b2df4c829e9aa60459253); released patched version not independently confirmed. Users should monitor GIMP project releases and apply updates immediately upon availability. SUSE Linux Enterprise users should apply security update SUSE-SU-2026:1193 per vendor advisory at https://www.suse.com/support/update/SUSE-SU-2026:1193/. Until patched version deploys, restrict opening XPM files from untrusted sources. Implement application sandboxing or mandatory access controls to limit code execution impact. Review ZDI advisory for additional technical details: https://www.zerodayinitiative.com/advisories/ZDI-26-221/. Monitor upstream repository https://gitlab.gnome.org/GNOME/gimp for release announcements containing commit 2e7ed91793792d9e980b2df4c829e9aa60459253.

More in Gimp

View all
CVE-2012-2763 HIGH POC
7.5 Jul 12

Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and p

CVE-2012-5576 HIGH POC
7.5 Dec 18

Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attack

CVE-2017-17789 HIGH POC
7.8 Dec 20

In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. Rated high sev

CVE-2012-3236 MEDIUM POC
4.3 Jul 12

fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and applic

CVE-2022-32990 MEDIUM POC
5.5 Jun 24

An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via

CVE-2022-30067 MEDIUM POC
5.5 May 17

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Rated medium severity (CVSS 5.5), this vulnerability is no a

CVE-2018-12713 CRITICAL
9.1 Jun 24

GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that alre

CVE-2025-5473 HIGH
8.8 Jun 06

Critical remote code execution vulnerability in GIMP's ICO file parser caused by an integer overflow (CWE-190) that lack

CVE-2026-2044 HIGH
8.8 Feb 20

Remote code execution in GIMP 3.0.6 allows attackers to run arbitrary code by tricking a user into opening a malicious P

CVE-2026-0797 HIGH
8.8 Feb 20

Remote code execution in GIMP 3.2.0-rc1 lets attackers run arbitrary code by tricking a user into opening a malicious IC

CVE-2016-4994 HIGH
7.8 Jul 12

Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cau

CVE-2026-2050 HIGH
7.8 Jun 24

Arbitrary code execution in GIMP results from a heap-based buffer overflow in the HDR file parser, where attacker-contro

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 SUSE Linux Enterprise Server 15 SP7 SUSE Linux Enterprise Server for SAP Applications 15 SP7 SUSE Linux Enterprise Workstation Extension 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed
openSUSE Leap 15.6 Fixed
openSUSE Leap 16.0 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed

Share

EUVD-2026-21638 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy