PT-2026-21475 · Gimp · Gimp

Published 2026-01-01 · Updated 2026-03-26 · CVE-2026-2271

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

GIMP (affected versions not specified)

Description

A flaw exists in GIMP's PSP (Paint Shop Pro) file parser. An attacker can trigger an integer overflow in the read_creator_block() function by supplying a crafted PSP image file. This occurs because a 32-bit length value from the file is used for memory allocation without sufficient validation, resulting in a heap overflow and an out-of-bounds write. Successful exploitation may lead to a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
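
The bug class in the description, as an added example that is not GIMP's code: it shows how 32-bit arithmetic on a file-supplied length can wrap before allocation, next to a reader that validates the length first. The `+ 1` arithmetic, the length-prefixed field layout, the size cap and all function names are assumptions made for illustration; the page does not state which computation overflows.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cap for this example; a real parser would choose its own. */
#define MAX_FIELD_LEN (1u << 20)

/* What a 32-bit "length + 1" allocation size evaluates to (assumed
 * arithmetic). For length == UINT32_MAX it wraps to 0, so the buffer is
 * far smaller than the number of bytes a later copy would write. */
uint32_t unchecked_alloc_size(uint32_t length) {
    return length + 1u;
}

static uint32_t load_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Checked reader for a constructed layout: [u32 LE length][bytes].
 * Returns a NUL-terminated heap copy (caller frees), or NULL when the
 * declared length exceeds the cap or the bytes remaining in the input. */
char *read_field_checked(const uint8_t *buf, size_t buf_len, size_t *out_len) {
    if (buf == NULL || buf_len < 4) return NULL;
    uint32_t length = load_le32(buf);
    size_t remaining = buf_len - 4;
    if (length > MAX_FIELD_LEN || length > remaining) return NULL;
    char *s = malloc((size_t)length + 1);  /* length is capped: no wrap */
    if (s == NULL) return NULL;
    memcpy(s, buf + 4, length);
    s[length] = '\0';
    if (out_len) *out_len = length;
    return s;
}

/* Constructed inputs: one well-formed field, one with an oversized length. */
static const uint8_t GOOD_FIELD[] = { 4, 0, 0, 0, 'G', 'I', 'M', 'P' };
static const uint8_t BAD_FIELD[]  = { 0xFF, 0xFF, 0xFF, 0xFF, 'A', 'B' };

int main(void) {
    size_t n = 0;
    char *ok = read_field_checked(GOOD_FIELD, sizeof GOOD_FIELD, &n);
    char *bad = read_field_checked(BAD_FIELD, sizeof BAD_FIELD, &n);
    int rc = (ok != NULL && bad == NULL) ? 0 : 1;
    free(ok);
    return rc;
}
```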

Exploit

Integer Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-2271
SUSE-SU-2026:0604-1

Affected Products

Gimp