ZDI-26-121
HIGH 7.8
Published: Feb 19, 2026
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
GIMP
GIMP contains a remote code execution vulnerability (CVE-2026-2048) in its XWD file parsing: an out-of-bounds write rated HIGH severity with a CVSS score of 7.8. It allows attackers to execute arbitrary code if a user opens a malicious file or visits a malicious webpage, so an attacker who tricks a user into interacting with compromised content can gain complete control over the affected system. Security teams should prioritize patching GIMP installations, alert users to avoid opening files from untrusted sources, and monitor for exploitation attempts in their environments.