ZDI-26-119
HIGH 7.8
Published: Feb 19, 2026
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
GIMP
GIMP contains a remote code execution vulnerability (CVE-2026-2045, CVSS 7.8) in its XWD file parsing: an out-of-bounds write that allows attackers to execute arbitrary code if a user opens a malicious file or visits a compromised webpage. Exploitation requires user interaction; an attacker who tricks a user into interacting with malicious content can gain complete control over the affected system. Security teams should immediately patch GIMP installations, alert users to avoid opening suspicious files from untrusted sources, and monitor systems for signs of exploitation.