CVE-2026-5201

HIGH

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

CVSS v3.1 Score

7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
Published: 3/31/2026Modified: 4/1/2026

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2026-5201 — A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vuln...

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of servi

CVE-2026-5201
NIST NVD

References (3)

https://access.redhat.com/security/cve/CVE-2026-5201https://bugzilla.redhat.com/show_bug.cgi?id=2453291https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/304