CVE-2025-32468

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8

Description: A memory corruption issue exists in the BMPv3 Image Decoding functionality. Loading a specially crafted .bmp file can cause an integer overflow when calculating the stride for decoding, leading to a heap-based buffer overflow during image decoding and potentially resulting in remote code execution. An attacker needs to convince the library to read a malicious file to trigger this issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.