PT-2025-15289 · Gimp+6 · Gimp+6

Michael Randrianantenaina

Published

2025-01-01

Updated

2026-02-23

CVE-2025-2761

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified)

Description: The issue is related to out-of-bounds write remote code execution in GIMP's FLI file parsing. This could potentially allow for remote code execution.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2025-11270

CVE-2025-2761

DLA-4342-1

DSA-5939-1

MGASA-2026-0012

OESA-2025-1481

OESA-2025-1482

OESA-2025-1483

OPENSUSE-SU-2025_1571-1

SUSE-SU-2025:01571-1

SUSE-SU-2025:1546-1

SUSE-SU-2025:1571-1

SUSE-SU-2025_1546-1

USN-8057-1

ZDI-25-204

Affected Products

Astra Linux

Debian

Gimp

Linuxmint

Red Os

Suse

Ubuntu

PT-2025-15289 · Gimp+6 · Gimp+6

CVE-2025-2761

Weakness Enumeration

Related Identifiers

Affected Products

References · 61