Fedora · Fedora · CVE-2026-2239
**Name of the Vulnerable Software and Affected Versions**
GIMP versions 3.0.8 through 3.0.8-5
Fedora 43
**Description**
A heap-buffer-overflow exists in the PSD loader component of the software, specifically within the `fread pascal string()` function due to a missing null terminator. This issue can be exploited by processing crafted PSD files, leading to a denial-of-service (DoS) condition.
**Recommendations**
Update GIMP to a version beyond 3.0.8-5.