anonhaven
Ad

CVE-2026-4887

MEDIUM CVSS 3.1: 6.1 EPSS 0.09%
Updated Mar 26, 2026
Red Hat
Parameter Value
CVSS 6.1 (MEDIUM)
Type CWE-193
Vendor Red Hat
Public PoC No

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image.

Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required

Impact Assessment

Confidentiality
Low
Partial data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-193

Vulnerable Products

red hat:red hat enterprise linux 6 red hat:red hat enterprise linux 9 red hat:red hat enterprise linux 7 red hat:red hat enterprise linux 8

References 3

https://access.redhat.com/security/cve/CVE-2026-4887
NVD
https://bugzilla.redhat.com/show_bug.cgi?id=2451669
RHBZ#2451669
https://gitlab.gnome.org/GNOME/gimp/-/issues/15960
NVD
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-35093

Fedoraproject

8.8

CVE-2026-5121

Red Hat

7.5

CVE-2026-5119

Red Hat

5.9

CVE-2026-0965

Red Hat

3.3

CVE-2026-0967

Red Hat

2.2