Libvips

5 CVEs product

CVE-2026-3281 MEDIUM POC PATCH This Month

Heap-based buffer overflow in libvips 8.19.0's vips_bandrank_build function can be triggered by manipulating the index argument, allowing local attackers with user privileges to corrupt heap memory and potentially achieve code execution. Public exploit code exists for this vulnerability, and a patch is available to address the issue.

Buffer Overflow Heap Overflow Libvips
NVD GitHub VulDB
CVSS 3.1: 5.3
EPSS: 0.0%

CVE-2026-3147 MEDIUM POC PATCH This Month

Libvips up to version 8.18.0 contains a heap buffer overflow in the CSV parsing function that allows local attackers with user-level privileges to corrupt memory and potentially execute arbitrary code. Public exploit code is available for this vulnerability, and a patch has been released to address the issue.

Buffer Overflow Heap Overflow Libvips
NVD GitHub VulDB
CVSS 3.1: 5.3
EPSS: 0.0%

CVE-2026-3145 MEDIUM POC PATCH This Month

Memory corruption in libvips up to version 8.18.0 affects the matrix file loading functionality, allowing local attackers with user privileges to corrupt memory through crafted input files. Public exploit code is available for this vulnerability, and a patch has been released to remediate the issue.

Memory Corruption Libvips
NVD GitHub VulDB
CVSS 3.1: 5.3
EPSS: 0.0%

CVE-2025-59933 MEDIUM PATCH This Month

libvips is a demand-driven, horizontally threaded image processing library. Rated medium severity (CVSS 5.1), this vulnerability requires no authentication and has low attack complexity.

Buffer Overflow Libvips Suse
NVD GitHub
CVSS 4.0: 5.1
EPSS: 0.0%

CVE-2025-29769 HIGH POC PATCH This Week

libvips is a demand-driven, horizontally threaded image processing library. Rated high severity (CVSS 8.5), this vulnerability has low attack complexity. Public exploit code is available.

Buffer Overflow Heap Overflow Libvips Debian Linux
NVD GitHub
CVSS 4.0: 8.5
EPSS: 0.1%