Pypi · Pillow · CVE-2026-42308
**Name of the Vulnerable Software and Affected Versions**
Pillow versions prior to 12.2.0
**Description**
An integer overflow can occur when the library tracks the current position if a font advances for each glyph by an excessively large amount.
**Recommendations**
Update to version 12.2.0.