CVE-2026-26740
published 2026-03-18CVE-2026-26740: Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing…
PriorityP343high8.2CVSS 3.1
AVNACLPRNUINSUCNILAH
EPSS
0.47%
37.0th percentile
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | giflib | — | — |
| giflib_project | giflib | — | — |
CVSS provenance
nvdv3.18.2HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
osv8.2HIGH
vendor_debian8.2HIGH
vendor_redhat8.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Giflib 5.2.2 EGifGCBToExtension buffer overflow (EUVD-2026-12914 / Nessus ID 309659)
vuldb·2026-04-23·CVSS 8.2
CVE-2026-26740 [HIGH] Giflib 5.2.2 EGifGCBToExtension buffer overflow (EUVD-2026-12914 / Nessus ID 309659)
A vulnerability was found in Giflib 5.2.2. It has been declared as critical. The affected element is the function EGifGCBToExtension. The manipulation results in buffer overflow.
This vulnerability was named CVE-2026-26740. The attack may be performed from remote. In addition, an exploit is available.
GHSA
GHSA-g43h-fmhp-fvff: Buffer Overflow vulnerability in giflib v
ghsa_unreviewed·2026-03-18
CVE-2026-26740 [HIGH] CWE-787 GHSA-g43h-fmhp-fvff: Buffer Overflow vulnerability in giflib v
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
OSV
CVE-2026-26740: Buffer Overflow vulnerability in giflib v
osv·2026-03-18·CVSS 8.2
CVE-2026-26740 [HIGH] CVE-2026-26740: Buffer Overflow vulnerability in giflib v
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Chrome
Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2026-26740
vendor_chrome·2026-05-19·CVSS 8.2
CVE-2026-26740 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2026-26740
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2026-26740
Red Hat
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
vendor_redhat·2026-03-18·CVSS 8.2
CVE-2026-26740 [HIGH] CWE-787 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension (GCE) block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of service (DoS) on the system.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use
Debian
CVE-2026-26740: giflib - Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to caus...
vendor_debian·2026·CVSS 8.2
CVE-2026-26740 [HIGH] CVE-2026-26740: giflib - Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to caus...
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-23865 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
CVE-2026-23865 [MEDIUM] CVE-2026-23865 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-23865 :
OpenJDK JDK vulnerability analysis and mitigation
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
Source : NVD
## 5.3
Score
Published March 2, 2026
Severity MEDIUM
CNA Score 5.3
Affected Technologies
OpenJDK JDK
Wolfi
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 3.1
Exploitation Probability (EPSS) N/A
Affected packages and libraries
java-21-openjdk-static-libs-fastdebug
java-25-openjdk-static-libs-fastdebug
Sources
NVD
Chainguard No Fix
Wiz
CVE-2026-3713 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
CVE-2026-3713 [MEDIUM] CVE-2026-3713 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-3713 :
OpenJDK JDK vulnerability analysis and mitigation
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Source : NVD
## 4.8
Score
Published March 8, 2026
Severity MEDIUM
CNA Score 4.8
Affected Technologies
OpenJDK JDK
Wolfi
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.9
Wiz
CVE-2026-34757 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.2
CVE-2026-34757 [HIGH] CVE-2026-34757 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-34757 :
OpenJDK JDK vulnerability analysis and mitigation
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same png_struct/png_info pair causes the setter to read from freed memory and copy its contents into the replacement buffer. The setter frees the internal buffer before copying from the caller-supplied pointer, which now dangles. The freed region may contain stale data (producing silently corrupted chunk metadata) or data from subsequent heap allocations (leaking unrelated heap contents into the chunk struct). This vulnerability is fixed
Wiz
ELSA-2026-0932 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
[MEDIUM] ELSA-2026-0932 Impact, Exploitability, and Mitigation Steps | Wiz
## ELSA-2026-0932 :
OpenJDK JDK vulnerability analysis and mitigation
ELSA-2026-0932: java-1.8.0-openjdk security update (IMPORTANT)
Source : NVD
Published January 27, 2026
Severity HIGH
CNA Score N/A
Affected Technologies
OpenJDK JDK
Linux Oracle
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) N/A
Exploitation Probability (EPSS) N/A
Affected packages and libraries
java-1.8.0-openjdk
java-1.8.0-openjdk-accessibility
Sources
NVD
## Get a CVE risk assessment
Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.
## Related OpenJDK JDK vulnerabilities:
CVE ID
Severity
Score
Technologies
Component name
CISA KEV exploit
Wiz
CVE-2026-26740 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.2
CVE-2026-26740 [HIGH] CVE-2026-26740 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-26740 :
NixOS vulnerability analysis and mitigation
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Wiz Threat Research note: This vulnerability's CVSS vector has been overridden to Integrity NONE by the Wiz Research team, as it's a Denial-of-Service vulnerability and does not allow code execution.
Source : NVD
## 8.2
Score
Published March 18, 2026
Severity HIGH
CNA Score 8.2
Affected Technologies
NixOS
OpenJDK JDK
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 34
Exploitation Probability (EPSS)
Bugzilla
CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
bugzilla·2026-03-18·CVSS 8.2
CVE-2026-26740 [HIGH] CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
Discussion:
Hi, team. I hope you're doing well.
Do we have an ETA for the fix for this CVE-2026-26740 vulnerability to the Red Hat build of OpenJDK 21 (java-21-openjdk-portable)?
Regards.
---
Hi,
Here is a public disclosure of the issue:
https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md
The affected components are the EGifGCBToExtension and EGifGCBToSavedExtension functions, implemented in egif_lib.c:
https://sou
Bugzilla
CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension [fedora-all]
bugzilla·2026-03-18·CVSS 8.2
CVE-2026-26740 [HIGH] CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension [fedora-all]
CVE-2026-26740 giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
FEDORA-2026-0be1222520 (giflib-6.1.3-2.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-0be1222520
https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.mdhttps://access.redhat.com/errata/RHSA-2026:33452https://access.redhat.com/errata/RHSA-2026:33455https://access.redhat.com/errata/RHSA-2026:33456https://access.redhat.com/security/cve/CVE-2026-26740https://bugzilla.redhat.com/show_bug.cgi?id=2448747https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26740.json
2026-03-18
Published