{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4887", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-03-26T11:33:19.455Z", "datePublished": "2026-03-26T12:08:47.354Z", "dateUpdated": "2026-05-12T23:49:32.940Z"}, "containers": {"cna": {"title": "Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS)."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:3.0.4-1.el9_7.5", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8/gimp", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:16484", "name": "RHSA-2026:16484", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2026-4887", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451669", "name": "RHBZ#2451669", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/15960"}], "datePublic": "2026-03-26T11:35:00.070Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-193", "description": "Off-by-one Error", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-193: Off-by-one Error", "workarounds": [{"lang": "en", "value": "Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the `gimp` package to eliminate this attack vector."}], "timeline": [{"lang": "en", "time": "2026-03-26T11:34:22.208Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-03-26T11:35:00.070Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Meshaal (@unrealmesh) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-05-12T23:49:32.940Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T12:58:38.570446Z", "id": "CVE-2026-4887", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T12:58:45.569Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4887", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T12:58:38.570446Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T12:58:42.644Z"}}], "cna": {"title": "Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image", "credits": [{"lang": "en", "value": "Red Hat would like to thank Meshaal (@unrealmesh) for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "2:3.0.4-1.el9_7.5", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "gimp:2.8/gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2026-03-26T11:34:22.208Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-03-26T11:35:00.070Z", "value": "Made public."}], "datePublic": "2026-03-26T11:35:00.070Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:16484", "name": "RHSA-2026:16484", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2026-4887", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451669", "name": "RHBZ#2451669", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/15960"}], "workarounds": [{"lang": "en", "value": "Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the `gimp` package to eliminate this attack vector."}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS)."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-193", "description": "Off-by-one Error"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-05-12T23:49:32.940Z"}, "x_redhatCweChain": "CWE-193: Off-by-one Error"}}, "cveMetadata": {"cveId": "CVE-2026-4887", "state": "PUBLISHED", "dateUpdated": "2026-05-12T23:49:32.940Z", "dateReserved": "2026-03-26T11:33:19.455Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2026-03-26T12:08:47.354Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*", "matchCriteriaId": "B47B700C-2770-4859-8535-02733AB22EDE", "versionEndExcluding": "3.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gimp:gimp:3.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "7FD8D154-2B8E-4DC9-BF0F-A5E7A7141ED8", "vulnerable": true}, {"criteria": "cpe:2.3:a:gimp:gimp:3.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "2585D713-54B3-494C-99DC-53E3A7CE0CFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gimp:gimp:3.2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "2FDE25FB-1089-4611-BC6A-584D06A5E5D6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS)."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en GIMP. Este problema es una lectura excesiva de b\u00fafer de pila en el cargador de archivos PCX de GIMP debido a un error de uno. Un atacante remoto podr\u00eda explotar esto al convencer a un usuario de abrir una imagen PCX especialmente dise\u00f1ada. La explotaci\u00f3n exitosa podr\u00eda llevar a la divulgaci\u00f3n de memoria fuera de l\u00edmites y a un posible fallo de la aplicaci\u00f3n, lo que resultar\u00eda en una denegaci\u00f3n de servicio (DoS)."}], "id": "CVE-2026-4887", "lastModified": "2026-05-13T00:16:39.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-26T13:16:30.780", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2026:16484"}, {"source": "secalert@redhat.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2026-4887"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451669"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/15960"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-193"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Meshaal for reporting this issue.", "bugzilla": {"description": "gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image", "id": "2451669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451669"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-193", "details": ["A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS)."], "mitigation": {"lang": "en:us", "value": "Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the `gimp` package to eliminate this attack vector."}, "name": "CVE-2026-4887", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "gimp:2.8/gimp", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-26T11:35:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-4887\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-4887\nhttps://gitlab.gnome.org/GNOME/gimp/-/issues/15960"], "statement": "Moderate: This flaw in GIMP's PCX file loader is due to a heap buffer over-read. Exploitation requires user interaction, specifically opening a specially crafted PCX image file. Red Hat Enterprise Linux systems are affected if GIMP is installed and used to open untrusted PCX files.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "product": "gimp", "vendor": "gnome"}, {"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Red Hat Enterprise Linux 6", "source": "cna", "vendor": "Red Hat"}, "product": "enterprise_linux", "vendor": "redhat"}], "analysis": {"en": {"generated_at": "2026-03-26T15:13:51.899343+00:00", "value": {"mitigation_remediation": ["Avoid opening untrusted PCX files with GIMP.", "If GIMP is unnecessary, uninstall the gimp package to remove the attack surface.", "Monitor Red\u202fHat advisories for a patch and apply any official update when released.", "Maintain system packages at their latest supported versions to reduce exposure."], "summary": {"action": "Apply Workaround", "impact": "Memory Disclosure and Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects GIMP installations on Red\u202fHat Enterprise\u202fLinux\u202f6 through 9. Any user who has the gimp package installed on these distributions is potentially susceptible, regardless of the specific GIMP version distributed with the OS.", "description_and_impact": "A heap buffer over-read in GIMP's PCX file loader occurs when an off\u2011by\u2011one error allows an attacker to craft a PCX image that, when loaded, can expose out\u2011of\u2011bounds memory contents and crash the application. The flaw, classified as CWE\u2011193, can lead to a disclosure of sensitive data and a denial of service, compromising confidentiality and availability but not directly affecting system integrity. Successful exploitation requires that a user opens the malicious file.", "risk_and_exploitability": "With a CVSS v3.1 score of 6.1, the severity is moderate. The EPSS score is not available and the flaw is not listed in the CISA KEV catalog. The attack requires social engineering; an adversary must convince a user to open a malicious PCX image. Because the flaw is only exploitable through such user interaction and does not involve a direct remote code execution vector, the overall likelihood of exploitation in uncontrolled environments is lower, though not negligible."}}}}, "created": "2026-03-27T08:36:00.056959+00:00", "updated": "2026-03-27T09:28:41.948880+00:00", "vendors": ["gnome", "gnome$PRODUCT$gimp", "redhat", "redhat$PRODUCT$enterprise_linux"]}