CVE-2026-42311
Published 2026-05-09
Priority P3 · 41 · high · 7.8 (CVSS 3.1)
CVSS 3.1 vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.15% (4.6th percentile)
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| python-pillow | pillow | — | — |
| python | pillow | >= 10.3.0 < 12.2.0 | 12.2.0 |
| python | pillow | >= 10.3.0 < 12.2.0 | 12.2.0 |
| ubuntu | pillow | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | 4.0 | 8.6 | HIGH | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| ghsa | — | 8.6 | HIGH | — |
| vendor_ubuntu | — | 5.5 | MEDIUM | — |
Ubuntu
Pillow vulnerabilities
vendor_ubuntu·2026-06-08·CVSS 5.5
CVE-2026-42310 [MEDIUM] Pillow vulnerabilities
Title: Pillow vulnerabilities
Summary: Several security issues were fixed in Pillow.
It was discovered that Pillow incorrectly handled large glyph advance
values in fonts. An attacker could possibly use this issue to cause Pillow
to crash, resulting in a denial of service. (CVE-2026-42308)
It was discovered that Pillow incorrectly handled nested coordinate lists
in certain APIs. An attacker could possibly use this issue to cause Pillow
to crash, resulting in a denial of service. This issue only affected Ubuntu
25.10 and Ubuntu 26.04 LTS. (CVE-2026-42309)
It was discovered that Pillow incorrectly handled certain malformed PDF
files. An attacker could possibly use this issue to cause Pillow to use
excessive resources, leading to a denial of service. (CVE-2026-42310)
It was discovered th
VulDB
Pillow up to 12.1.1 PSD Tile Extents integer overflow (Nessus ID 313601)
vuldb·2026-05-10·CVSS 8.6
CVE-2026-42311 [HIGH] Pillow up to 12.1.1 PSD Tile Extents integer overflow (Nessus ID 313601)
A vulnerability has been found in Pillow and classified as problematic. This affects an unknown function of the component PSD Tile Extents Handler. This manipulation causes integer overflow.
This vulnerability is registered as CVE-2026-42311. The attack needs to be launched locally. No exploit is available.
The affected component should be upgraded.
GHSA
Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)
ghsa·2026-05-04·CVSS 8.6
CVE-2026-42311 [HIGH] CWE-190 Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)
### Impact
Processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution.
### Patches
Patched version: 12.2.0
Pillow 12.1.1 addressed CVE-2026-25990 by adding checks for tile extents in PSD image decoding/encoding to prevent an out-of-bounds write. However, the bounds checks computed tile extent sums using types susceptible to integer overflow, meaning a PSD image with carefully chosen tile dimensions could produce values that wrap around and bypass the checks, still triggering an out-of-bounds write in src/decode.c and src/encode.c. The fix avoids adding extents together before comparison.
### Workarounds
Use any version but affected versions: >= 10.
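The check pattern the GHSA text describes, as an added illustration in constructed C (not Pillow's code; `tile_t`, `img_w` and the field names are assumptions): summing a tile origin and extent before comparing lets a large extent wrap the sum below the image bound, while comparing the extent against the remaining room never adds and so cannot wrap.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example, not Pillow's code. A tile at (x, y) of size (w, h)
 * must fit inside an image of img_w x img_h pixels. Field names are assumed. */
typedef struct {
    uint32_t x, y, w, h;
} tile_t;

/* Overflow-prone form: x + w is computed first. uint32_t addition wraps
 * modulo 2^32, so a huge w can make the sum small enough to pass the check. */
bool tile_in_bounds_wrapping(const tile_t *t, uint32_t img_w, uint32_t img_h)
{
    return (t->x + t->w <= img_w) && (t->y + t->h <= img_h);
}

/* Hardened form: no addition. First reject an origin outside the image, then
 * compare each extent against the room left, a subtraction that cannot wrap
 * because the origin is already known to be <= the image dimension. */
bool tile_in_bounds_safe(const tile_t *t, uint32_t img_w, uint32_t img_h)
{
    if (t->x > img_w || t->y > img_h)
        return false;
    return (t->w <= img_w - t->x) && (t->h <= img_h - t->y);
}

int main(void)
{
    const uint32_t img_w = 1024, img_h = 768;
    /* Constructed inputs: one well-formed tile, and one whose width is chosen
     * so that x + w wraps to exactly 0 in 32-bit arithmetic. */
    tile_t ok    = { 16, 32, 100, 100 };
    tile_t wraps = { 16, 0, 0xFFFFFFF0u, 8 };

    printf("ok:    wrapping=%d safe=%d\n",
           tile_in_bounds_wrapping(&ok, img_w, img_h),
           tile_in_bounds_safe(&ok, img_w, img_h));      /* 1 1 */
    printf("wraps: wrapping=%d safe=%d\n",
           tile_in_bounds_wrapping(&wraps, img_w, img_h),
           tile_in_bounds_safe(&wraps, img_w, img_h));   /* 1 0 */
    return 0;
}
```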
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2026-05-09