CVE-2026-40386

Опубликовано: 12 апр. 2026

Источник: nvd

CVSS3: 4

EPSS Низкий

Описание

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

Ссылки

https://github.com/libexif/libexif/commit/dc6eac6e9655d14d0779d99e82d0f5f442d2f34b

EPSS

Процентиль: 2%

0.00013

Низкий

4 Medium

CVSS3

Дефекты

CWE-191

Связанные уязвимости

CVE-2026-40386

CVSS3: 4

ubuntu

2 дня назад

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

CVE-2026-40386

CVSS3: 4

redhat

3 дня назад

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service (DoS) by crashing the program or result in information disclosure, potentially exposing sensitive data.

CVE-2026-40386

msrc

1 день назад

Описание отсутствует

CVE-2026-40386

CVSS3: 4

debian

3 дня назад

In libexif through 0.6.25, an integer underflow in size checking for F ...

GHSA-p6wp-hhx9-7jj5

CVSS3: 4

github

3 дня назад

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

EPSS

Процентиль: 2%

0.00013

Низкий

4 Medium

CVSS3

Дефекты

CWE-191