CVE-2026-33809

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions LibTIFF (affected versions not specified)

Description A specially designed TIFF file can trigger an out-of-memory error or excessive resource usage during image decoding. The issue arises from the image decoding process attempting to allocate up to 4GiB of memory when processing a malicious IFD offset within the TIFF file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Allocation of Resources Without Limits

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-434

Related Identifiers

BDU:2026-07249

CVE-2026-33809

GHSA-44P7-9XX4-HF2G

GO-2026-4815

OPENSUSE-SU-2026:10628-1

OPENSUSE-SU-2026:10856-1

RHSA-2026:7291

RHSA-2026:7385

SUSE-SU-2026:1135-1

Affected Products

Libtiff

Red Os

CVE-2026-33809

Weakness Enumeration

Related Identifiers

Affected Products

References · 185