CVE-2026-5201

Publish date: April 1, 2026
Severity: High
CVSS score: 7.5
Package: gdk-pixbuf
Affected versions: >= 2.42.12+dfsg-4, < 2.42.12+dfsg-4+e1

The gdk-pixbuf library contains a heap-based buffer overflow in its JPEG image loader. The loader does not adequately validate color component counts when processing a specially crafted JPEG image. A remote attacker can exploit the flaw without user interaction, for example through thumbnail generation. Successful exploitation may result in application crashes and denial of service (DoS) conditions.