Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-2026 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Tiff

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1285 — Improper Validation of Specified Index, Position, or Offset in Input CWE-347 — Improper Verification of Cryptographic Signature21 documents13 sources

Severity

6.5MEDIUMNVD

EPSS

10.3%

top 6.81%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Debian Tiff Libtiff Ensdomains Ens-contracts +1 more

Timeline

PublishedApr 25

Latest updateMar 19

Description

Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages4 packages

▶NVDlibtiff/libtiff3.8.0+12

▶debiandebian/tiff< tiff 3.8.1 (bookworm)

▶npmensdomains/ens-contracts1.6.2

▶apacheapache/httpd

Patches

Patch: bugzilla.remotesensing.org ↗Patch: bugzilla.redhat.com ↗Patch: bugzilla.remotesensing.org ↗

🔴Vulnerability Details

GHSA

ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation↗2026-02-25

▶

GHSA

GHSA-vcfg-6cwj-xppm: Double free vulnerability in tif_jpeg↗2022-05-03

▶

OSV

CVE-2006-2026: Double free vulnerability in tif_jpeg↗2006-04-25

▶

💥Exploits & PoCs

Exploit-DB

LibTiff 3.x - Double-Free Memory Corruption↗2008-04-28

▶

📋Vendor Advisories

Red Hat

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code↗2026-02-12

▶

Ubuntu

TIFF library vulnerabilities↗2006-05-04

▶

Red Hat

security flaw↗2006-03-03

▶

Debian

CVE-2006-2026: tiff - Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-d...↗2006

▶

Citrix

Citrix Security Bulletin CTX111695↗

▶

🕵️Threat Intelligence

Tenable

Marcus Ranum PaulDotCom Interview on Penetration Testing↗2008-12-14

▶

💬Community

Bugzilla

CVE-2006-10003 perl-xml-parser: XML::Parser: Memory corruption via deeply nested XML files↗2026-03-19

▶

Bugzilla

CVE-2006-2026 security flaw↗2018-08-16

▶